Looking for open smtp service
backtrack 5 r1
root@bt:~# nmap -sC -sS IP-Address
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2011-04-11 10:02 BST
Nmap scan report for IP Address
Host is up (0.00038s latency).
Not shown: 991 closed ports
PORT STATE SERVICE
23/tcp open telnet
25/tcp open smtp
smtpscan is a remote SMTP server version detector. It can
be used to guess which mail software is used on a remote
server, that may hide its SMTP banner
root@bt:~# smtpscan IP Address
smtpscan version @VERSION@
15 tests available
3184 fingerprints in the database
Scanning IP Address (IP Address) port 25
220 IP-Address Microsoft ESMTP MAIL Service, Version: 6.0.2600.5512 ready at 2011-04-11 10:02 +0100
SMTP server corresponding :
– Microsoft ESMTP MAIL Service, Version 6.0.3718.0 (Exchange 2003)
testing if you can send e-mail from this discovered open service.
root@bt:~# telnet IP Address 25
Trying IP Address…
Connected to IP Address.
Escape character is ‘^]’.
220 IP Address Microsoft ESMTP MAIL Service, Version: 6.0.2600.5512 ready at 2011-04-11 10:02 +0100
(250 IP Address Hello [IP Address])
(250 2.1.0 email@example.com….Sender OK)
rcpt to:firstname.lastname@example.org (This is the address your sending to)
rcpt to:email@example.com (Add another and so on to send to more.)
(250 2.1.5 firstname.lastname@example.org)
(354 Start mail input; end with a . on its’ own line)
subject: TEST (then press enter twice)
Type any message you like here
(250 2.6.0 <IP Address> Queued mail for delivery)
(221 2.0.0 IP Address Service closing transmission channel)
Connection closed by foreign host.
Received e-mail in our inbox
From: “email@example.com” <firstname.lastname@example.org>
Sent: 2011-04-11 10:02
hello this is a test
If you have received an e-mail it means that Relay restrictions have been set to all. This is regarded as risk as could be used to send spam.
To view Relay restrictions options in Windows.
Administrative Tools / Internet Information Services / local computer / Default SMTP Virtual Server – right click Properties / Access tab / Relay… (Options here)
If you see 550 5.7.1 Unable to relay for email@example.com = Relay set to Only list below. This will block the ability to send spam.