if you telnet prot 25 on www.eqube.ca, you can use RCPT MAIL to forge some emails.
just wonder if this is a potiential risk or might be used by Spam?
If so, how can I stop/block it?
Thanks ahead of time, 1st time to post.
Printable View
if you telnet prot 25 on www.eqube.ca, you can use RCPT MAIL to forge some emails.
just wonder if this is a potiential risk or might be used by Spam?
If so, how can I stop/block it?
Thanks ahead of time, 1st time to post.
Yes this is used by spammers.
You can change the relay flag to prevent this, and other ways depending on network configuration.
Worse, if your host makes it to a spammer known relay list, you will end up on various spam black lists and your domain will not be able to send e-mail to domains who use blacklists to cut down on spam. Many, many places use these lists btw.
--TH13
Thanks, I made sure it's not open relay.
I use InterScan VirusWall NT and could not find some decumentation about it, but I will sepnd some time to make it secure.
IS any good book or site on this topic? Thanks again.
I'm not going to test it sufficiently to show you an active account of mine...
But the response to a:-
rcpt to: [email protected]
receives a:-
250 recipient ok
You have an open relay or a honeypot...
If you don't have a honeypot.... well... you decide...
SamSpade:
03/31/06 22:40:31 SMTP Relay Check @ eqube.ca
Contacting 68.146.204.228
Failed to establish connection
and
NC:
eqube.ca [68.146.204.228] 25 (smtp): TIMEDOUT
sent 0, rcvd 0: NOTSOCK
what's up with that? i guess that's one way to solve your problem!
Hmmm.. as of 30 seconds ago....
Quote:
220 sgc-cal-002 InterScan VirusWall NT ESMTP 3.55 (build 1016) ready at Fri, 31
Mar 2006 20:47:57 -0700
i just tried again...same thing! maybe his cable co dont like mine?
That’s really funny ...
I scanned it, gotWhen I used a command prompt;Quote:
220 sgc-cal-002 In Scan VirusWall NT ESMTP 3.55 ( build 1016) ready at Sat, 01 Apr 2006 XX:XX:XX -XXXX
telnet 68.146.204.228 25 it opened a session.
Something is rotten in Denmark ( is that where his local time says he is? )
Quote:
Originally posted here by Tedob1
i just tried again...same thing! maybe his cable co dont like mine?
Are you sure your ISP doesn't block outgoing port 25 except to its own SMTP relays?
I know I got bit quite a few times when trying to diagnose other servers and forgot that my ISP filters out outbound 25...
Ammo
ah crap...your right! at work today no probs. when in hell did they start doing that...damme!
Tedob:
Have you been wondering why no-one talks to you by email any more? That mailserver you have in the house is just a doorstop now... *giggle*
thanks guys, I did not come here for last few days.
when always can connect to port 25 through telnet, I am new, and I talked to our admin about possible risk, but he doesnt think there is any problem, he said:"I submitted our e-mail server to a relay test that and essentially what it does is this service tries to use our e-mail server as a relay. The results are below and it's negative."
The email from ORDB:
"This is an automatically generated email
The host you submitted at ORDB.org (68.146.204.228), has been thoroughly checked, and does not seem to permit relaying.
Please note however, that this may be caused by extreme delays at the servers end.
Should we at a later time receive one of our testing emails from the
server you submitted, you will receive another email, telling you that
the server is in fact an open relay. In that case, please disregard this
email."
I dont think there is honeypot.
Quote:
Originally posted here by Tiger Shark
Tedob:
Have you been wondering why no-one talks to you by email any more? That mailserver you have in the house is just a doorstop now... *giggle*
and here i thought that i was doing such a great job filtering ;-)