control – smtp

Looking for open smtp service

backtrack 5 r1

root@bt:~# nmap -sC -sS IP-Address

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2011-04-11 10:02 BST
Nmap scan report for IP Address
Host is up (0.00038s latency).
Not shown: 991 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
25/tcp   open  smtp

=========================================

smtpscan is a remote SMTP server version detector. It can
be used to guess which mail software is used on a remote
server, that may hide its SMTP banner

root@bt:~# smtpscan IP Address
smtpscan version @VERSION@

15 tests available
3184 fingerprints in the database

Scanning IP Address (IP Address) port 25
15/15

Result —
503:250:501:250:501:250:250:214:252:500:530:500:500:250:250

Banner :
220 IP-Address Microsoft ESMTP MAIL Service, Version: 6.0.2600.5512 ready at  2011-04-11 10:02 +0100

SMTP server corresponding :
– Microsoft ESMTP MAIL Service, Version 6.0.3718.0 (Exchange 2003)

=========================================
testing if you can send e-mail from this discovered open service.

root@bt:~# telnet IP Address 25
Trying IP Address…
Connected to IP Address.
Escape character is ‘^]’.
220 IP Address Microsoft ESMTP MAIL Service, Version: 6.0.2600.5512 ready at  2011-04-11 10:02 +0100

helo

(250 IP Address Hello [IP Address])

mail from:test@hotmail.com

(250 2.1.0 test@hotmail.com….Sender OK)

rcpt to:test@yahoo.com (This is the address your sending to)

rcpt to:test-address2@yahoo.com (Add another and so on to send to more.)

(250 2.1.5 test@yahoo.com)

data

(354 Start mail input; end with a . on its’ own line)

subject: TEST  (then press enter twice)

Type any message you like here
.

(250 2.6.0 <IP Address> Queued mail for delivery)

quit

(221 2.0.0 IP Address Service closing transmission channel)

Connection closed by foreign host.

=========================================

Received e-mail in our inbox

From: “test@hotmail.com” <test@hotmail.com>
To:
Sent: 2011-04-11 10:02
Subject:

hello this is a test
.

=========================================

If you have received an e-mail it means that  Relay restrictions have been set to all. This is regarded as risk as could be used to send spam.

To view Relay restrictions options in Windows.
Administrative Tools / Internet Information Services / local computer / Default SMTP Virtual Server – right click Properties / Access tab / Relay… (Options here)

If you see 550 5.7.1 Unable to relay for test@yahoo.com = Relay set to Only list below. This will block the ability to send spam.

One thought on “control – smtp

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s