[OT] Port 25 vulnerability

Matt Kettler mkettler at EVI-INC.COM
Fri Jan 30 15:15:27 GMT 2004


At 10:04 AM 1/30/2004, you wrote:
>I have a question about mail and port 25 in general.  I know that this is
>really not on the mailscanner subject so if I don't get an answer that is ok.

>  There are lots of servers that accept email, but don't allow you to
> telnet to port 25.

Really? I doubt that is true... Can you name one server that will accept an
SMTP transaction, but not a telnet to port 25 from the same host?


>  Since port 25 is a port that mail talks on how does one secure this port
> to only allow email to talk to it and not allow the "telnet hostname 25"
> action.  I know in this case telnet is disabled on the mail
> server.  Sorry for being so dopey on this one.

AFAIK it is impossible to do what you suggest.

Telnet is a more-or-less generic client.

As far as the mailserver is concerned, the only difference between a telnet
session and another mailserver, or a mailclient, is the speed of data entry.

It's extraordinarily difficult to tell the difference between the two.

Besides, most attacks on mailservers aren't done using telnet, they are
done using netcat. Blocking telnet connections doesn't really buy you
anything of any significance security-wise, and it's not possible.
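
Added example, not part of the original message: a loopback sketch of the point above, comparing what a listener on the SMTP port receives from a real client library and from the same lines entered slowly over a plain TCP connection. The stand-in responder and the names `mx.test.invalid` and `client.invalid` are constructed for illustration.

```python
import smtplib, socket, threading, time

def serve_once(listener, log):
    # Stand-in SMTP responder (not a real MTA): logs (arrival time, command line).
    conn, _ = listener.accept()
    with conn, conn.makefile("rb") as rfile:
        conn.sendall(b"220 mx.test.invalid ESMTP\r\n")
        for raw in rfile:
            line = raw.decode("ascii").rstrip("\r\n")
            log.append((time.monotonic(), line))
            quitting = line.lower() == "quit"
            conn.sendall(b"221 bye\r\n" if quitting else b"250 ok\r\n")
            if quitting:
                break

def observe(client, *args):
    # Run one client against a fresh loopback listener; return what the server saw.
    log = []
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        t = threading.Thread(target=serve_once, args=(listener, log))
        t.start()
        client(listener.getsockname()[1], *args)
        t.join()
    commands = [line for _, line in log]
    gaps = [b[0] - a[0] for a, b in zip(log, log[1:])]
    return commands, gaps

def library_client(port):
    # A real SMTP client library speaking the protocol at machine speed.
    smtp = smtplib.SMTP("127.0.0.1", port, local_hostname="client.invalid")
    smtp.helo()
    smtp.noop()
    smtp.quit()

def typed_client(port, delay):
    # What a person at a generic TCP client does: same lines, entered slowly.
    with socket.create_connection(("127.0.0.1", port)) as s:
        s.recv(1024)  # 220 banner
        for cmd in (b"helo client.invalid", b"noop", b"quit"):
            time.sleep(delay)
            s.sendall(cmd + b"\r\n")
            s.recv(1024)

if __name__ == "__main__":
    print(observe(library_client))
    print(observe(typed_client, 0.2))
```

Both runs log the same command lines; only the gaps between arrivals differ.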


