1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar

Product Security

FSC-2009-2: Mail Relay Vulnerability


Brief Description

Specially crafted messages may be used to bypass mail relay restrictions.

Affected Platforms   

All supported platforms


•  F-Secure Messaging Security Gateway 5.5.x


An external attacker can use affected systems as mail relay by using specially crafted SMTP messages. A patch for the problem has been distributed to affected systems. The patch will be installed automatically or wait for the administrator’s approval depending on system settings. Administrators are urged to approve installation of patch 739 without delay, or verify that automatic installation of this patch has succeeded.

Mitigating Factors

The issue only affects systems where the SMTP Turbo module is used for mail distribution. Incorrectly relayed messages still pass through spam filtering, which decreases the vulnerability’s usefulness for spam relaying.

Patch Available

Product Versions        Download
F-Secure Messaging Security Gateway 5.5.x Fix available in the update channel

F-Secure deliver patches to its supported product versions that are vulnerable. See further information on supported products and F-Secure’s Product Lifecycle Policy.

Revision history: FSC-2009-06-16

Date Issued: 2009-06-16
Last Updated: 2009-06-16

Get Support online

For documentation and product support, visit our Support site.


F-Secure Community

Give advice. Get advice. Share the knowledge on our free discussion forum.