Port 25 vulnerability

taz taz at AZTEK-ENG.COM
Fri Jan 30 16:40:50 GMT 2004 

That would be the problem then.  I am dial up, but will be on a T1 in about
an hour.
----- Original Message -----
From: "Randal, Phil" <prandal at HEREFORDSHIRE.GOV.UK>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Friday, January 30, 2004 9:06 AM
Subject: Re: Port 25 vulnerability


> I'd guess the only way to differentiate is timing.
>
> When you telnet in, there's some delay before you send any commands.
>
> Phil
>
> ---------------------------------------------
> Phil Randal
> Network Engineer
> Herefordshire Council
> Hereford, UK
>
> > -----Original Message-----
> > From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> > Behalf Of Bill Omer
> > Sent: 30 January 2004 16:02
> > To: MAILSCANNER at JISCMAIL.AC.UK
> > Subject: Re: Port 25 vulnerability
> >
> >
> > The only thing I can think of to do this would have to be done on the
> > packet level.  Something could be made that monitors traffic
> > on port 25.
> > There would have to be a difference in the packets generated by an MUA
> > vs packets generated by a telnet client.  Based on that information, a
> > connection could be dropped when it's triggered.  I guess it could be
> > possible to use tcpdump to do this, if there is a difference in the
> > packets.
> >
> > -B
> >
> > -----Original Message-----
> > From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> > Behalf Of taz
> > Sent: Friday, January 30, 2004 9:05 AM
> > To: MAILSCANNER at JISCMAIL.AC.UK
> > Subject: Port 25 vulnerability
> >
> >
> > I have a question about mail and port 25 in general.  I know that this
> > is really not on the mailscanner subject so if I don't get an answer
> > that is ok.  There are lots of servers that accept email, but don't
> > allow you to telnet to port 25.  Since port 25 is a port that
> > mail talks
> > on how does one secure this port to only allow email to talk to it and
> > not allow the "telnet hostname 25" action.  I know in this case telnet
> > is disabled on the mail server.  Sorry for being so dopey on this one.
> >
> > Thanks,
> > Travis
> >
>

More information about the MailScanner mailing list