CVE-2009-5131 Information

Description

The Receive Service in Websense Email Security before 7.1 does not recognize domain extensions in the blacklist which allows remote attackers to bypass intended access restrictions and send e-mail messages via an SMTP session.

Reference

http://www.websense.com/support/article/t-kbarticle/Release-Notes-for-Websense-Email-Security-v7-1