Re: Mail Relay / Open Mail Replay

[Andy Meyers <andy.meyers () hushmail com>]

Absolutely. He can still send phish to employees within the company.
Receiving an email from another user within the company, could make the
user trust this email even more than outside the company.

Not to even mention spear phishing.

On 10/2/11 8:25 AM, "informationhacker08" <informationhacker08 () gmail com>
wrote:

> Suppose there is Mail server having port 25 open xyz.com
> an attacker login on Mail server  through telnet and then try to send the
> mail but the he can
> only send a mail within the xyz company not outside ..so this will be
> consider as Vulnerability or not
>
> eg. telnet xyz.com
> mail from:<dddd () ddddd com>
> mail rcpt :<vbn () xyz com>--->only within  the network not outside realying
> the mail 
>
> -- 
> View this message in context:
> http://old.nabble.com/Mail-Relay---Open-Mail-Replay-tp32578740p32578740.ht
> ml
> Sent from the Penetration Testing mailing list archive at Nabble.com.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review
> Board
>
> Prove to peers and potential employers without a doubt that you can
> actually do a proper penetration test. IACRB CPT and CEPT certs require a
> full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------