Lotus Information for VU#176972
Lotus Domino SMTP Server Allows Anonymous Relay of Quoted Addresses
Lotus is tracking this issue as SPR# MLOT4THVGP and a fix is planned for an upcoming Quarterly Maintenance Release (QMR). When this issue is addressed, it will be posted in the Fix List Database at http://www.notes.net/r5fixlist.nsf. Lotus has documented this issue in Technote # 184810, "Use of Domino SMTP Server as an Open Relay", which is posted to the Knowledge Base at http://support.lotus.com/sims2.nsf/eb5fbc0ab175cf0885256560005206cf/a26c16841a26b2ae85256a02007cdf5d?OpenDocument&Highlight=0,184810.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.