Mail Relay Problem
Impact
Older versions of the sendmail program did not provide sufficient
safeguards against mailcious users sending spam mail through a third
party computer. Further, the spam mail will often have a forged source
address.
Background
Until 1999, most implementations of sendmail and its clones provided
little checking of source and destination addresses. For example a user on
host A could use the sendmail on Host B sending mail to a user on Host C
with a source email address from Host D. In other words, A hacker on
foo.bar.com would use the sendmail at host1.swip.se to send a message
5,000 users with the source address of president@whitehouse.gov.
Resolution
Vendor and Web server patches and workarounds to protect against this
vulnerability are available. If your vendor does not have an upgrade,
current versions of sendmail from sendmail.org.