Home Uncategories simple way to test your own SMTP gateway

simple way to test your own SMTP gateway

Add Comment Edit
Here is a simple way to test your own SMTP gateway if it allows forged emails to be relayed through it.

Let’s pretend to run what a typical attacker would run from their fictive domain anybody.dom (their commands are in bold red).

# telnet myhost.blah.dom 25

Trying 192.211.105.15...
Connected to myhost.blah.dom.
Escape character is '^]'.
220 myhost.blah.dom ESMTP
ehlo anybody.dom
250-myhost.blah.dom
250-PIPELINING
250-SIZE 61440000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM:attacker@mydomain.dom
250 2.1.0 Ok
RCPT TO:user@myhost.blah.dom
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Hello Friend,

Did you get this?

Attacker
.
250 2.0.0 Ok: queued as 64D239EF0014
quit
221 2.0.0 Bye

Connection closed by foreign host.
SHARE

sangeethakumar

  • Image
  • Image
  • Image
  • Image
  • Image
    Blogger Comment
    Facebook Comment

0 comments:

Post a Comment

Subscribe to: Post Comments ( Atom )