Re: Re: Sender Spoofing via SMTP

["Bryan S. Sampsel" <bsampsel () libertyactivist org>]

OK.  You seem to have a misconception.

When you're using a telnet client to connect to TCP port 25, you're not
connecting to a telnet service.  You're connecting to the SMTP service. 
The telnet service only listens on TCP port 23 (in default configuration).

The old main frame type applications did a lot of telnet-like interaction.
 Terminal servers that run/ran serial printers are a great example.  The
server wanting to print to the printer on the terminal server would telnet
to the TCP port of the terminal server that correlated to the printer and
send its data to the printer that route.  Looking at the packets in
something like Ethereal or Sniffer, it looks a lot like a telnet session.

SMTP does the same thing.  If you didn't want a client or MTA or whatever
to handle your email, you could telnet directly to a port and punch in all
the legitimate commands.  Return addresses can be faked.  With a mail
client or without.

More modern mail implementations either have their own methods of dealing
with this or you set up alternative methods of rejecting the mail (Spam
Assassin, grey lists, etc).

I hope that helps you get a better picture of things...

Sincerely,

Bryan S. Sampsel
LibertyActivist.org


brandon.steili () gmail com wrote:
> Unfortunately this has already been done. Windows Server 2003 in it's
> default configuration ships with the Telnet Service disabled. Unless I'm
> missing something (like another service? - or executable ) it is shut off
> despite the fact that it still works.