Why does a message with more than three null characters at the end of it stop SMTP functioning?

  1. Home
  2. Knowledge Base
  3. GMS
  4. Why does a message with more than three null characters at the end of it stop SMTP functioning?

Question

There is a message coming in to the GMS system with 450 null characters at the end of it. Every time the remote system tries to send it through, SMTP just stops responding.

This transaction is not a standard Internet command and is a way used by hackers in an attempt to gain unauthorised control of your system. No control of GMS can be obtained using this type of attack. When an attack takes place, the automatic detection system is activated and the transaction suspended (which is why SMTP stops responding). The
system then recovers the situation and continues as usual.

Answer

The problem has been identified to be the presence of three or more null characters at the end of an email. The software has been updated to cope with the situation more gracefully (i.e. terminate the session rather than suspend it).

There are two solutions:

  • Download and install the patch available on our web site for build 3037. A list of patches can be found here.
  • Upgrade your software to a build of 3075 or greater.

See Also:

Keywords:SMTP service terminating unexpected null

Was this article helpful?

Related Articles