[OT] Port 25 vulnerability

Ugo Bellavance ugob at CAMO-ROUTE.COM
Fri Jan 30 15:37:23 GMT 2004


> -----Message d'origine-----
> De : taz [mailto:taz at AZTEK-ENG.COM]
> Envoyé : Friday, January 30, 2004 10:37 AM
> À : MAILSCANNER at JISCMAIL.AC.UK
> Objet : Re: [OT] Port 25 vulnerability
> 
> 
> Sure.
> Try doing an nslookup with type=mx on amazon or microsoft or even
> weldre5j.k12.co.us and then try telneting to port 25 of one 
> of those servers

[ugo at host ugo]# telnet service-4.amazon.com 25
Trying 207.171.178.141...
Connected to service-4.amazon.com.
Escape character is '^]'.
220 service-4.amazon.com Generic SMTP handler


> ----- Original Message -----
> From: "Matt Kettler" <mkettler at EVI-INC.COM>
> To: <MAILSCANNER at JISCMAIL.AC.UK>
> Sent: Friday, January 30, 2004 8:15 AM
> Subject: Re: [OT] Port 25 vulnerability
> 
> 
> > At 10:04 AM 1/30/2004, you wrote:
> > >I have a question about mail and port 25 in general.  I 
> know that this is
> > >really not on the mailscanner subject so if I don't get an 
> answer that is
> ok.
> >
> > >  There are lots of servers that accept email, but don't 
> allow you to
> > > telnet to port 25.
> >
> > Really? I doubt that is true... Can you name one server 
> that will accept a
> > SMTP transaction, but not a telnet to port 25 from the same host?
> >
> >
> > >  Since port 25 is a port that mail talks on how does one 
> secure this
> port
> > > to only allow email to talk to it and not allow the 
> "telnet hostname 25"
> > > action.  I know in this case telnet is disabled on the mail
> > > server.  Sorry for being so dopey on this one.
> >
> > AFAIK it is impossible to do what you suggest.
> >
> > Telnet is a more-or-less generic client.
> >
> > As far as the mailserver is concerned, the only difference between a
> telnet
> > session and another mailserver, or a mailclient, is the 
> speed of data
> entry.
> >
> > It's extraordinarily difficult to tell the difference 
> between the two.
> >
> > Besides, most attacks on mailservers aren't done using 
> telnet, they are
> > done using netcat. Blocking telnet connections doesn't 
> really buy you
> > anything of any significance security wise, and it's not possible.
> >
> 




More information about the MailScanner mailing list