COMMAND

    AS/400

SYSTEMS AFFECTED

    AS/400+domino

PROBLEM

    Joachim Larsson found following.  He played around with smtp on  a
    as/400+domino machine and found two obvious bugs.

    1:  telnet  (host)  25,  then  start  feeding chars.  After  about
        200-300  chars  the  smtp-subsystem  will  die,  needing to be
        restarted.

    2:  change your replyto-address and fromaddress to an non-existing
        user/domain  then  mail  to   an  non-existing  user  on   the
        400/domino.   This  will  cause  the  mail  to  loop endlessly
        between the smtp-subsystem and the domino subsystem.

    This is for general knowledge only, trying to "force" people  with
    400/domino to react and secure their machines.  This causes to die
    only Lotus Domino 4.6.1.

    Joachim Larsson found this on  non domino smtp daemons on  as400's
    also.   This worked  on as400  3.X.   Spam represents  big problem
    here.

SOLUTION

    It's a somewhat simple solution to fix (just turn the SMTP service
    back on), but SMTP can be  shut off across the network.   In fact,
    you can disable mail forwarding, and thereby avoid the Spam threat
    by adding this undocumented parameter to the notes.ini file:

        SMTPMTA_REJECT_RELAYS=1

    Any mail forwarding will bounce directly back to the sender.