[OT] Port 25 vulnerability

taz taz at AZTEK-ENG.COM
Fri Jan 30 15:36:49 GMT 2004

Try doing an nslookup with type=mx on amazon or microsoft or even
weldre5j.k12.co.us and then try telneting to port 25 of one of those servers
----- Original Message -----
From: "Matt Kettler" <mkettler at EVI-INC.COM>
Sent: Friday, January 30, 2004 8:15 AM
Subject: Re: [OT] Port 25 vulnerability

> At 10:04 AM 1/30/2004, you wrote:
> >I have a question about mail and port 25 in general.  I know that this is
> >really not on the mailscanner subject so if I don't get an answer that is
> >  There are lots of servers that accept email, but don't allow you to
> > telnet to port 25.
> Really? I doubt that is true... Can you name one server that will accept a
> SMTP transaction, but not a telnet to port 25 from the same host?
> >  Since port 25 is a port that mail talks on how does one secure this
> > to only allow email to talk to it and not allow the "telnet hostname 25"
> > action.  I know in this case telnet is disabled on the mail
> > server.  Sorry for being so dopey on this one.
> AFAIK it is impossible to do what you suggest.
> Telnet is a more-or-less generic client.
> As far as the mailserver is concerned, the only difference between a
> session and another mailserver, or a mailclient, is the speed of data
> It's extraordinarily difficult to tell the difference between the two.
> Besides, most attacks on mailservers aren't done using telnet, they are
> done using netcat. Blocking telnet connections doesn't really buy you
> anything of any significance security wise, and it's not possible.

More information about the MailScanner mailing list