Port 25 vulnerability
Bill Omer
bill at DISTMIRR.COM
Fri Jan 30 16:01:37 GMT 2004
The only thing I can think of to do this would have to be done on the
packet level. Something could be made that monitors traffic on port 25.
There would have to be a difference in the packets generated by an MUA
vs packets generated by a telnet client. Based on that information, a
connection could be dropped when it's triggered. I guess it could be
possible to use tcpdump to do this, if there is a difference in the
packets.
-B
-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
Behalf Of taz
Sent: Friday, January 30, 2004 9:05 AM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Port 25 vulnerability
I have a question about mail and port 25 in general. I know that this
is really not on the mailscanner subject so if I don't get an answer
that is ok. There are lots of servers that accept email, but don't
allow you to telnet to port 25. Since port 25 is a port that mail talks
on how does one secure this port to only allow email to talk to it and
not allow the "telnet hostname 25" action. I know in this case telnet
is disabled on the mail server. Sorry for being so dopey on this one.
Thanks,
Travis
More information about the MailScanner
mailing list