Computer Mail Services, Inc.
Software / Services / eMail Tools: IP Address Blocking, Spam Filtering, Log Data Mining and DNS Blacklist Monitoring

TELEPHONE: 248.352.6700 or 800.883.2674 (USA Only)

Products

BL-Monitor

ES-Insight

XE-Filter

Praetor Software

Press Release

	CMS Uncovers Relay Threat to Enterprise Mail Servers
	Reverse Non-Delivery Report (RNDR) Used to Steal Server Capacity, Enabling Undetected Spamming from Enterprise Servers; Vulnerability can be Measured via Free Online Test
	PRESS CONTACT: Computer Mail Services, Inc. Lih-Tah Wong 248.352.6700 x210 LWong@CMSConnect.com

DALLAS CONVENTION CENTER / BOOTH 374 — (June 4, 2003) — Computer Mail Services, Inc., a leading e-mail security and management software provider, has exposed a significant email threat to enterprises using the organization’s own servers. The threat, announced at Microsoft Tech-Ed 2003 in Dallas, exploits the system’s Non-Delivery Report (NDR) feature, enabling outside spammers to hijack servers in order to send out thousands of spam messages without the enterprise’s knowledge.

Computer Mail Services (CMS) has created a free online check to test the user’s server for this vulnerability. Go to http://www.cmsconnect.com/Praetor/RNDR/RequestCheck.htm.

According to Neil Berger, President of NSB Systems and Consulting Inc., a network solutions provider servicing many major Canadian corporations, the problem has become widespread in recent months. “Almost every installation I’ve encountered suffers from the problem of Reverse NDR,” Berger states. “Not only does Reverse NDR eat up huge amounts of mail server resources, but also the enterprise’s domain risks being blacklisted by ISPs, customers, and organizations with which the enterprise does business.”

UNDETECTED SPAM

A Reverse Non-Delivery Report (RNDR) attack occurs when the spammer takes advantage of a server’s inherent ability to return email that is misaddressed. Typically, when misaddressed email is sent, the mail is returned to the originating sender along with an error notification and the original message. By forging the originator’s address and sending to fictitious addresses within the domain of the victimized enterprise’s servers, the spammer can send emails to thousands of intended addressees without his own server ever being detected.

ALL SERVERS VULNERABLE

Very few email servers have a fix for the RNDR problem. One option is to turn off the NDR feature on the server; however, this is an all-or-nothing response that will stop valid NDR messages in addition to fraudulent ones.

Reverse Non-Delivery Report attacks, along with possible solutions, are explained in greater detail by visiting the company website at www.cmsconnect.com/Praetor/RNDR/prRNDR.htm

Founded in 1982, Sterling Heights, Michigan-based Computer Mail Services, Inc. (CMS), is a privately-held company specializing in products that improve the return on investment of electronic mail systems. Its flagship product, Praetor, is a rules-based, content-filtering and anti-spam firewall product for email servers. In addition to improving enterprise productivity and limiting objectionable or unwanted email, Praetor can stop invasion from spammers who use Reverse NDR attacks. For more information about Computer Mail Services, contact the company at 248-352-6700 or visit www.cmsconnect.com.

[ Home ] [ About CMS ] [ Site Map ] [ Support ] [ Downloads ] [ FAQ ] [ News ] [ Press Release ]
[ XE-Filter ] [ ES-Insight ] [ BL-Monitor ] [ Praetor Software ] [ Ad Sponsorship ]

Send mail to Webmaster with questions or comments about this web site.
Copyright 2011 Computer Mail Services, Inc.

Press Release

Reverse Non-Delivery Report (RNDR) Used to Steal Server Capacity, Enabling Undetected Spamming from Enterprise Servers; Vulnerability can be Measured via Free Online Test