[OT] Port 25 vulnerability

David While David.While at UCE.AC.UK
Fri Jan 30 15:44:28 GMT 2004


I can telnet on port 25 to these machines no problem. I can't see how the software can distinguish between a genuine SMTP session from some SMTP software and an SMTP session via a telnet session. Apart from the speed there is no difference.
-----------------------------------------------------------------
David While
Technical Development Manager
Faculty of Computing, Information & English
University of Central England
Tel: 0121 331 6211
-----------------------------------------------------------------



-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of taz
Sent: 30 January 2004 15:37
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: [OT] Port 25 vulnerability


Sure.
Try doing an nslookup with type=mx on amazon or microsoft or even
weldre5j.k12.co.us and then try telnetting to port 25 of one of those servers
----- Original Message -----
From: "Matt Kettler" <mkettler at EVI-INC.COM>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Friday, January 30, 2004 8:15 AM
Subject: Re: [OT] Port 25 vulnerability


> At 10:04 AM 1/30/2004, you wrote:
> >I have a question about mail and port 25 in general.  I know that this is
> >really not on the mailscanner subject so if I don't get an answer that is ok.
>
> >  There are lots of servers that accept email, but don't allow you to
> > telnet to port 25.
>
> Really? I doubt that is true... Can you name one server that will accept a
> SMTP transaction, but not a telnet to port 25 from the same host?
>
>
> >  Since port 25 is a port that mail talks on how does one secure this port
> > to only allow email to talk to it and not allow the "telnet hostname 25"
> > action.  I know in this case telnet is disabled on the mail
> > server.  Sorry for being so dopey on this one.
>
> AFAIK it is impossible to do what you suggest.
>
> Telnet is a more-or-less generic client.
>
> As far as the mailserver is concerned, the only difference between a telnet
> session and another mailserver, or a mailclient, is the speed of data entry.
>
> It's extraordinarily difficult to tell the difference between the two.
>
> Besides, most attacks on mailservers aren't done using telnet, they are
> done using netcat. Blocking telnet connections doesn't really buy you
> anything of any significance security wise, and it's not possible.
>
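
The point made in this thread, that the server sees only SMTP command lines whichever program sent them, shown as an added example that is not part of any poster's message. A constructed loopback responder records what arrives from Python's `smtplib` and from a raw socket fed one byte at a time, the way a typed telnet session would be; `mx.example`, `client.example` and all function names are assumptions.

```python
import smtplib, socket, threading, time

# Constructed replies for the three verbs this demo uses.
REPLIES = {"EHLO": b"250 mx.example\r\n", "HELO": b"250 mx.example\r\n",
           "QUIT": b"221 bye\r\n"}

def serve_once(listener, seen):
    """Constructed one-connection SMTP responder; records every command line."""
    conn, _ = listener.accept()
    with conn, conn.makefile("rb") as rd:
        conn.sendall(b"220 mx.example ESMTP\r\n")
        for raw in rd:
            line = raw.decode("ascii", "replace").rstrip("\r\n")
            seen.append(line)
            verb = line.split(" ", 1)[0].upper()
            conn.sendall(REPLIES.get(verb, b"502 not implemented\r\n"))
            if verb == "QUIT":
                break

def run_session(client):
    """Run one client against the responder; return the lines the server saw."""
    seen = []
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))          # loopback only, random free port
        listener.listen(1)
        t = threading.Thread(target=serve_once, args=(listener, seen))
        t.start()
        client(listener.getsockname()[1])
        t.join(timeout=5)
    return seen

def mta_client(port):
    """Real SMTP client library: EHLO, then QUIT when the context exits."""
    with smtplib.SMTP("127.0.0.1", port, local_hostname="client.example", timeout=5) as s:
        s.ehlo()

def typed_client(port):
    """Raw TCP socket sending the same commands a byte at a time, as if typed."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as c, c.makefile("rb") as rd:
        rd.readline()                             # 220 greeting
        for line in (b"EHLO client.example\r\n", b"QUIT\r\n"):
            for i in range(len(line)):
                c.sendall(line[i:i + 1])
                time.sleep(0.01)                  # only the pacing differs
            rd.readline()                         # wait for the reply

def commands(seen):
    """SMTP verbs are case-insensitive, so compare in upper case."""
    return [line.upper() for line in seen]

if __name__ == "__main__":
    print(commands(run_session(mta_client)), commands(run_session(typed_client)))
```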



