-
March 31st, 2006, 10:08 PM
#1
Junior Member
smtp 25 telnet access
if you telnet prot 25 on www.eqube.ca, you can use RCPT MAIL to forge some emails.
just wonder if this is a potiential risk or might be used by Spam?
If so, how can I stop/block it?
Thanks ahead of time, 1st time to post.
-
March 31st, 2006, 10:14 PM
#2
Yes this is used by spammers.
You can change the relay flag to prevent this, and other ways depending on network configuration.
-
March 31st, 2006, 10:19 PM
#3
Worse, if your host makes it to a spammer known relay list, you will end up on various spam black lists and your domain will not be able to send e-mail to domains who use blacklists to cut down on spam. Many, many places use these lists btw.
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
March 31st, 2006, 10:47 PM
#4
Junior Member
Thanks, I made sure it's not open relay.
I use InterScan VirusWall NT and could not find some decumentation about it, but I will sepnd some time to make it secure.
IS any good book or site on this topic? Thanks again.
-
March 31st, 2006, 10:53 PM
#5
I'm not going to test it sufficiently to show you an active account of mine...
But the response to a:-
rcpt to: noone@where.com
receives a:-
250 recipient ok
You have an open relay or a honeypot...
If you don't have a honeypot.... well... you decide...
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
April 1st, 2006, 04:49 AM
#6
SamSpade:
03/31/06 22:40:31 SMTP Relay Check @ eqube.ca
Contacting 68.146.204.228
Failed to establish connection
and
NC:
eqube.ca [68.146.204.228] 25 (smtp): TIMEDOUT
sent 0, rcvd 0: NOTSOCK
what's up with that? i guess that's one way to solve your problem!
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
April 1st, 2006, 04:55 AM
#7
Hmmm.. as of 30 seconds ago....
220 sgc-cal-002 InterScan VirusWall NT ESMTP 3.55 (build 1016) ready at Fri, 31
Mar 2006 20:47:57 -0700
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
April 1st, 2006, 08:05 AM
#8
i just tried again...same thing! maybe his cable co dont like mine?
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
April 1st, 2006, 09:24 AM
#9
That’s really funny ...
I scanned it, got
220 sgc-cal-002 In Scan VirusWall NT ESMTP 3.55 ( build 1016) ready at Sat, 01 Apr 2006 XX:XX:XX -XXXX
When I used a command prompt;
telnet 68.146.204.228 25 it opened a session.
Something is rotten in Denmark ( is that where his local time says he is? )
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
April 1st, 2006, 02:43 PM
#10
Originally posted here by Tedob1
i just tried again...same thing! maybe his cable co dont like mine?
Are you sure your ISP doesn't block outgoing port 25 except to its own SMTP relays?
I know I got bit quite a few times when trying to diagnose other servers and forgot that my ISP filters out outbound 25...
Ammo
Credit travels up, blame travels down -- The Boss
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|