RE: How to stop telnet access, spamming
- From: "Walkowiak, Matt" <Matt.Walkowiak@xxxxxxxxxxxx>
- To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
- Date: Thu, 27 Jun 2002 15:41:21 -0500
There was some discussion on this list a few days ago about sending mail
on behalf of another - try checking the archives if you have just
recently joined the list. Also, this might be the work of the Klex or
Kletz (or however it's spelled) virus - I have not studied this virus
much because (thank God) I have not had to clean anyone's computers of
it.
Matt Walkowiak
-----Original Message-----
From: Arif, Aboo M [mailto:Aboo@xxxxxxxxxxxxxxxxxx]
Sent: Thursday, June 27, 2002 2:18 AM
To: [ExchangeList]
Subject: [exchangelist] RE: How to stop telnet access, spamming
http://www.MSExchange.org/ - Re-Vamped!
Hi Matt
Thanks for the mail. My server was relay protected and it was tested
using telnet. Presently my problem is X user is getting mails from Y
user which has not been sent by Y. Both X and Y are in my organization.
While I traced the Internet Headers using outlook it is showing it has
received from some outside domains. They are sending on behalf of my
internal user. I have blocked the at addresses using firewall and IMS
message Filtering. Other than this is there any way to stop this ?. Is
this is Spamming?
Expecting your reply
Regards
Arif
-----Original Message-----
From: Walkowiak, Matt [mailto:Matt.Walkowiak@xxxxxxxxxxxx]
Sent: Wednesday, June 26, 2002 8:33 PM
To: [ExchangeList]
Subject: [exchangelist] RE: How to stop telnet access, spamming
http://www.MSExchange.org/ - Re-Vamped!
Arif-
Telnet is just a tool that can have one computer talk to another
computer on a specified port. The default port that telnet runs on is
23, but the "standard" telnet program lets one choose what port the user
wants to talk on, for instance, 25 for SMTP, 80 for HTTP, 110 for POP3,
113 for AUTH...
One of the ways messaging system admins do some quick checks on
connectivity is to use telnet to see if they can see an SMTP server out
on the Internet. We use the following command:
telnet mail.domain.com 25
And we expect to get a 220 response, basically the remote SMTP server
saying, "Hello, How's it going?"
Another way to use the telnet command is to do a very low-level test to
see if an SMTP server is an open relay. These are the commands that we
use for this test:
telnet mail.domain.com 25
get a 220 response
helo localdomain.com
get a 250 response (this is a positive response)
mail from:asdf@xxxxxxxx (this is some random e-mail addy - doesn't
matter other than it needs to be formatted correctly)
get a 250 response
rcpt to:ARealE-mailAddy@xxxxxxxxxxxxxxx (this is an e-mail addy that you
can check - since you are sending an actual message, you want to know if
you got the message, right?)
get a 550 response - Relaying is prohibited.
Ok, the remote SMTP server just yelled at me for trying to exploit it,
and put me in my place!
So, turning off "telnet" will do nothing good for you. If you turn off
port 25, then you would get NO mail, good or bad. To keep your server
from being a spam relay, do a search on MS's site for "spam relay".
They have a few good articles. I would also bet that msexchange.org has
some good stuff, too.
If you are trying to stop people sending you spam, that's a little more
tricky. Check out imgate.meiway.org - a guy named Len Conrad wrote some
good directions on how to use a FreeBSD (or Linux) box running Postfix
as an e-mail gateway that scans all mail passing thru it and drops
certain messages based on your criteria. Takes a bit of effort to get
everything ironed out, but worth it in the long run.
Matt Walkowiak
-----Original Message-----
From: Arif, Aboo M [mailto:Aboo@xxxxxxxxxxxxxxxxxx]
Sent: Tuesday, June 25, 2002 10:58 PM
To: [ExchangeList]
Cc: Periyasamy, Raj
Subject: [exchangelist] How to stop telnet access, spamming
http://www.MSExchange.org/ - Re-Vamped!
Hi
I wanted to stop spamming on my mail system exchange 5.5. If I stop
telnet access to my mail server whether it will stop Spamming ?. If yes
how can I stop telnet access? Whether it will create any problem to
incoming mails if I stop telnet on my server?
Please help me on this regard.
Thanks in Advance.
Regards
Aboo Arif
Emcure Infotech Ltd.
2A/2, Kundan Estate,
Bhaupatil Road
Bhopodi
Pune, Maharashtra 411020
Ph:5817111, 5817428, 29
www.emcureinfotech.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
matt.walkowiak@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
aboo@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
matt.walkowiak@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')
Other related posts:
