RE: TELNET and SMTP

["Levenglick, Jeff" <JLevenglick () fhlbatl com>]

Thomas,

Why would you close port 25? Silly statement. Why is everybody thinking
that port 25 is unprotected when he got the 'standard' 553:no relay
message? Someone at least turned on a few relay options on the mail
configuration. (which is better then an open relay)

Btw.. Open relay would have been the correct term to use if he could
have sent an email instead of getting the no relay. (assuming that he
forged the from field..ect)

Best thing for him is to go to  www.sendmail.org and read the FAQ's for
relay.

To be honest, I was worried about this statement:

"2)What purpose do you believe that the SMTP 
> service provides? Does the SMTP simply recieve!?!? Thank you all,
Zach"

If he is passing himself off to a company as an experienced security
person and he does not know something simple as SMTP then I think he
needs to move on to something else.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Thomas W Shinder
Sent: Saturday, July 07, 2007 7:41 PM
To: pen-test () securityfocus com
Cc: Deus, Attonbitus; Greg Mulholland; jim () isatools org; Steve Moffat
Subject: RE: TELNET and SMTP

An unprotected port? You need to be very careful because "port
attackers" and do awful things to ports. That's why we do "port scans"
to look for "ports" we can take advantage of. That's why we have
"hardware" firewalls, because they allow us to "open" and "close"
"ports". 

Let the software guyz worry about any services might be located behind
those "ports" -- remember the "hardware" firewalls will protect our
"ports"!

NOT.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- Microsoft Firewalls (ISA)

 

> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com] On Behalf Of wymerzp () sbu edu
> Sent: Saturday, July 07, 2007 7:31 AM
> To: pen-test () securityfocus com
> Subject: TELNET and SMTP
>
> Hello all,
>
> I'm looking at a client's site and they have unprotected 
> access to port 25 (i.e. I can telnet to it and issue 
> commands). When I attempt to send an email I get this message 
> '553 Relaying is not supported'. My question is two-fold: 
> 1)What could I do with the unprotected SMTP access if I can't 
> send mail. 2)What purpose do you believe that the SMTP 
> service provides? Does the SMTP simply recieve!?!? Thank you all, Zach
>
> --------------------------------------------------------------
> ----------
> This List Sponsored by: Cenzic
>
> Swap Out your SPI or Watchfire app sec solution for
> Cenzic's robust, accurate risk assessment and management
> solution FREE - limited Time Offer
>
> http://www.cenzic.com/wf-spi
> --------------------------------------------------------------
> ----------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Swap Out your SPI or Watchfire app sec solution for
Cenzic's robust, accurate risk assessment and management
solution FREE - limited Time Offer

http://www.cenzic.com/wf-spi
------------------------------------------------------------------------

-----------------------------------------
This e-mail message is private and may contain confidential or
privileged information.

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Swap Out your SPI or Watchfire app sec solution for
Cenzic's robust, accurate risk assessment and management
solution FREE - limited Time Offer

http://www.cenzic.com/wf-spi
------------------------------------------------------------------------