RE: TELNET and SMTP

From: Richard Lane (lane.security@gmail.com)
Date: Sun Jul 08 2007 - 00:58:57 EDT


Zach,

Just out of interest, you state that you weren't able to send an e-mail.
Were the source or destination addresses within your client's domain? Try
sending an "internal" email and see if you get the same response. If not,
then this can be used to send spoofed mail within the organisation.... e.g.
from HR to an employee supposedly firing them, or from the CEO to the cute
secretary in one of the departments harassing her sexually (the list goes
on).

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of wymerzp@sbu.edu
Sent: 07 July 2007 22:31
To: pen-test@securityfocus.com
Subject: TELNET and SMTP

Hello all,

I'm looking at a client's site and they have unprotected access to port 25
(i.e. I can telnet to it and issue commands). When I attempt to send an
email I get this message '553 Relaying is not supported'. My question is
two-fold: 1) What could I do with the unprotected SMTP access if I can't send
mail? 2) What purpose do you believe that the SMTP service provides? Does the
SMTP simply receive!?!? Thank you all, Zach

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Swap Out your SPI or Watchfire app sec solution for
Cenzic's robust, accurate risk assessment and management
solution FREE - limited Time Offer

http://www.cenzic.com/wf-spi
------------------------------------------------------------------------
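
The following is an added example, not part of either message in the thread. It models the gap the reply describes: a server that only refuses relaying still accepts forged "internal" mail from an outside client, while a stricter acceptance policy rejects it. The domain, network range, addresses and function names are assumptions made for illustration.

```python
import ipaddress

# Assumed values for illustration only (not taken from the thread).
LOCAL_DOMAINS = {"example.com"}
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def domain_of(addr):
    """Domain part of an envelope address; '' for the null sender <>."""
    return addr.rsplit("@", 1)[-1].strip("<>").lower() if "@" in addr else ""

def is_trusted(client_ip):
    ip = ipaddress.ip_address(client_ip)
    return any(ip in net for net in TRUSTED_NETS)

def relay_only_policy(client_ip, authenticated, mail_from, rcpt_to):
    """Weak: the only check is 'no relaying to foreign domains'."""
    if domain_of(rcpt_to) in LOCAL_DOMAINS:
        return 250  # any sender address is accepted for local recipients
    return 250 if (authenticated or is_trusted(client_ip)) else 553

def hardened_policy(client_ip, authenticated, mail_from, rcpt_to):
    """Also refuses a local sender domain from an unknown, unauthenticated client."""
    allowed = authenticated or is_trusted(client_ip)
    if domain_of(rcpt_to) not in LOCAL_DOMAINS:
        return 250 if allowed else 553
    if domain_of(mail_from) in LOCAL_DOMAINS and not allowed:
        return 550  # envelope sender claims to be internal but client is not
    return 250

# Constructed sample sessions: (client IP, authenticated, MAIL FROM, RCPT TO)
SAMPLES = [
    ("203.0.113.5", False, "<hr@example.com>", "<bob@example.com>"),
    ("203.0.113.5", False, "<a@other.test>", "<bob@example.com>"),
    ("203.0.113.5", False, "<a@other.test>", "<c@third.test>"),
    ("10.1.2.3", False, "<hr@example.com>", "<bob@example.com>"),
]

def compare():
    """Return (weak_code, hardened_code) for each constructed sample."""
    return [(relay_only_policy(*s), hardened_policy(*s)) for s in SAMPLES]

if __name__ == "__main__":
    for sample, codes in zip(SAMPLES, compare()):
        print(sample, "weak=%d hardened=%d" % codes)
```

This only evaluates the envelope sender (MAIL FROM); the From: header in the message body is a separate field and needs its own checks such as SPF, DKIM and DMARC.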




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:56 EDT