Wednesday, September 10, 2008

Telnet 25 - The Scary Basics

Sometimes the easiest tasks can sound the most daunting at first. Take for example sending mail via telnet. It is a great tool for testing connectivity and relay permissions. Following the screenshot below, you can see that we can use nslookup, and set the type to mx. This type is the mailexchanger.

This will show you essentially the internet accessible mail connection point for whatever domain you enter. If you run this outside of the company you are querying, you could very well hit something that doesn't resemble your company whatsoever. This is likely a third party company that resides between the company and the outside world. The reason for this is spam filtration, security, and virus checking typically. A couple examples of these are Postini (now owned by Google I believe), and Messagelabs (an EXCELLENT solution offered by Azaleos as ProtectXchange).

After you telnet to this address on port 25, you will see the following:


As seen above, we type ehlo domain.com to identify ourselves, and then to begin to form our message.

MAIL FROM:test@domain.com <--Sender. This is essentially spoofing an address.
RCPT TO:test2@domain.com <--Recipient. This is whole will receive the test message.
250 2.1.0 Sender OK <--- Sender checks out. If it doesn't, the open relay could be close (good unless its intended)
data <-- Initiates data entry.
Subject:Test Subject
datadata
. to end the data entry.

The mail sends out and viola here it is!



No comments: