Penetration Testing mailing list archives
Re: Securing Insecure SMTP
From: "Zed Qyves" <zqyves.spamtrap () gmail com>
Date: Mon, 6 Oct 2008 09:50:40 +0300
Hello, It is not as easy as forwarding the connection as you still have to pass the SSL negotiation on the server side. As such if the client only speaks "pure" SMTP and does not cater for the SSL initialisation part you will not have any luck with port forwarding. Try STunnel (www.stunnel.org) or google for ssl proxy instead. Best Regards, ./ZQ On 10/6/08, Ahmed Zaki <ahmedmzaki () gmail com> wrote:
Hi all I am presented with a client software that attempts to connect to an smtp on port 25 . The good part is the smtp server does not accept connections on port 25 instead it uses the SSL smtp port. What I probably need is to proxy the outgoing connections to port 25 so that they go to the other port . Any recommendations on how to achieve that ? Regards ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
-- --------------------------------------------------------------------- Κρέων ἐν τῇδ᾽ ἔφασκε γῇ· τὸ δὲ ζητούμενον ἁλωτόν, ἐκφεύγειν δὲ τἀμελούμενον. Οιδίπους Τύρρανος [110] --------------------------------------------------------------------- Creon In this our land, so said he, those who seek Shall find; unsought, we lose it utterly. Oedipus Rex [110] ---------------------------------------------------------------------
Current thread:
- Securing Insecure SMTP Ahmed Zaki (Oct 05)
- Re: Securing Insecure SMTP Robert Marquardt (Oct 05)
- RE: Securing Insecure SMTP Iacob, George M (Oct 06)
- Re: Securing Insecure SMTP David Howe (Oct 06)
- Re: Securing Insecure SMTP Danny Fullerton (Oct 06)
- Re: Securing Insecure SMTP Robin Wood (Oct 06)
- RE: Securing Insecure SMTP Shenk, Jerry A (Oct 06)
- Re: Securing Insecure SMTP Ahmad Taha (Oct 06)
- Re: Securing Insecure SMTP Zed Qyves (Oct 06)
- Re: Securing Insecure SMTP Robert Marquardt (Oct 05)