[OT] Port 25 vulnerability
Ugo Bellavance
ugob at CAMO-ROUTE.COM
Fri Jan 30 15:37:23 GMT 2004
> -----Message d'origine-----
> De : taz [mailto:taz at AZTEK-ENG.COM]
> Envoyé : Friday, January 30, 2004 10:37 AM
> À : MAILSCANNER at JISCMAIL.AC.UK
> Objet : Re: [OT] Port 25 vulnerability
>
>
> Sure.
> Try doing an nslookup with type=mx on amazon or microsoft or even
> weldre5j.k12.co.us and then try telneting to port 25 of one
> of those servers
[ugo at host ugo]# telnet service-4.amazon.com 25
Trying 207.171.178.141...
Connected to service-4.amazon.com.
Escape character is '^]'.
220 service-4.amazon.com Generic SMTP handler
> ----- Original Message -----
> From: "Matt Kettler" <mkettler at EVI-INC.COM>
> To: <MAILSCANNER at JISCMAIL.AC.UK>
> Sent: Friday, January 30, 2004 8:15 AM
> Subject: Re: [OT] Port 25 vulnerability
>
>
> > At 10:04 AM 1/30/2004, you wrote:
> > >I have a question about mail and port 25 in general. I
> know that this is
> > >really not on the mailscanner subject so if I don't get an
> answer that is
> ok.
> >
> > > There are lots of servers that accept email, but don't
> allow you to
> > > telnet to port 25.
> >
> > Really? I doubt that is true... Can you name one server
> that will accept a
> > SMTP transaction, but not a telnet to port 25 from the same host?
> >
> >
> > > Since port 25 is a port that mail talks on how does one
> secure this
> port
> > > to only allow email to talk to it and not allow the
> "telnet hostname 25"
> > > action. I know in this case telnet is disabled on the mail
> > > server. Sorry for being so dopey on this one.
> >
> > AFAIK it is impossible to do what you suggest.
> >
> > Telnet is a more-or-less generic client.
> >
> > As far as the mailserver is concerned, the only difference between a
> telnet
> > session and another mailserver, or a mailclient, is the
> speed of data
> entry.
> >
> > It's extraordinarily difficult to tell the difference
> between the two.
> >
> > Besides, most attacks on mailservers aren't done using
> telnet, they are
> > done using netcat. Blocking telnet connections doesn't
> really buy you
> > anything of any significance security wise, and it's not possible.
> >
>
More information about the MailScanner
mailing list