[OT] Port 25 vulnerability
Mike Kercher
mike at CAMAROSS.NET
Fri Jan 30 15:51:18 GMT 2004
# telnet maila.microsoft.com 25
Trying 131.107.3.125...
Connected to maila.microsoft.com.
Escape character is '^]'.
220 inet-imc-01.redmond.corp.microsoft.com Microsoft.com ESMTP Server Fri,
30 Jan 2004 07:43:23 -0800
quit
Connection closed by foreign host.
> -----Original Message-----
> From: MailScanner mailing list
> [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of taz
> Sent: Friday, January 30, 2004 9:37 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: [OT] Port 25 vulnerability
>
> Sure.
> Try doing an nslookup with type=mx on amazon or microsoft or
> even weldre5j.k12.co.us and then try telneting to port 25 of
> one of those servers
> ----- Original Message -----
> From: "Matt Kettler" <mkettler at EVI-INC.COM>
> To: <MAILSCANNER at JISCMAIL.AC.UK>
> Sent: Friday, January 30, 2004 8:15 AM
> Subject: Re: [OT] Port 25 vulnerability
>
>
> > At 10:04 AM 1/30/2004, you wrote:
> > >I have a question about mail and port 25 in general. I know that
> > >this is really not on the mailscanner subject so if I don't get an
> > >answer that is
> ok.
> >
> > > There are lots of servers that accept email, but don't
> allow you to
> > > telnet to port 25.
> >
> > Really? I doubt that is true... Can you name one server that will
> > accept a SMTP transaction, but not a telnet to port 25 from
> the same host?
> >
> >
> > > Since port 25 is a port that mail talks on how does one
> secure this
> port
> > > to only allow email to talk to it and not allow the
> "telnet hostname 25"
> > > action. I know in this case telnet is disabled on the
> mail server.
> > > Sorry for being so dopey on this one.
> >
> > AFAIK it is impossible to do what you suggest.
> >
> > Telnet is a more-or-less generic client.
> >
> > As far as the mailserver is concerned, the only difference between a
> telnet
> > session and another mailserver, or a mailclient, is the
> speed of data
> entry.
> >
> > It's extraordinarily difficult to tell the difference
> between the two.
> >
> > Besides, most attacks on mailservers aren't done using telnet, they
> > are done using netcat. Blocking telnet connections doesn't
> really buy
> > you anything of any significance security wise, and it's
> not possible.
> >
>
More information about the MailScanner
mailing list