RE: How to stop telnet access, spamming

  • From: "Arif, Aboo M" <Aboo@xxxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 27 Jun 2002 12:47:41 +0530

Hi Matt
Thanks for the mail. My server was relay protected and it was tested using 
telnet. Presently my problem is X user is getting mails from Y user which has 
not been sent by Y. Both X and Y are in my organization. While I traced the 
Internet Headers using outlook it is showing it has received from some outside 
domains. They are sending on behalf of my internal user. I have blocked the at 
addresses using  firewall and IMS message Filtering. Other than this is there 
any way to stop this ?. Is this is Spamming?
Expecting your reply
-----Original Message-----
From: Walkowiak, Matt [mailto:Matt.Walkowiak@xxxxxxxxxxxx] 
Sent: Wednesday, June 26, 2002 8:33 PM
To: [ExchangeList]
Subject: [exchangelist] RE: How to stop telnet access, spamming - Re-Vamped!
Telnet is just a tool that can have one computer talk to another computer on a 
specified port.  The default port that telnet runs on is 23, but the "standard" 
telnet program lets one choose what port the user wants to talk on, for 
instance, 25 for SMTP, 80 for HTTP, 110 for POP3, 113 for AUTH...
One of the ways messaging system admins do some quick checks on connectivity is 
to use telnet to see if they can see an SMTP server out on the Internet.  We 
use the following command:
telnet 25
And we expect to get a 220 response, basically the remote SMTP server saying, 
"Hello, How's it going?"
Another way to use the telnet command is to do a very low-level test to see if 
an SMTP server is an open relay.  These are the commands that we use for this 
telnet 25
   get a 220 response
   get a 250 response (this is a positive response)
mail from:asdf@xxxxxxxx (this is some random e-mail addy - doesn't matter other 
than it needs to be formatted correctly)
   get a 250 response
rcpt to:ARealE-mailAddy@xxxxxxxxxxxxxxx (this is an e-mail addy that you can 
check - since you are sending an actual message, you want to know if you got 
the message, right?)
   get a 550 response - Relaying is prohibited.
Ok, the remote SMTP server just yelled at me for trying to exploit it, and put 
me in my place!
So, turning off "telnet" will do nothing good for you.  If you turn off port 
25, then you would get NO mail, good or bad.  To keep your server from being a 
spam relay, do a search on MS's site for "spam relay".  They have a few good 
articles.  I would also bet that has some good stuff, too.
If you are trying to stop people sending you spam, that's a little more tricky. 
 Check out - a guy named Len Conrad wrote some good 
directions on how to use a FreeBSD (or Linux) box running Postfix as an e-mail 
gateway that scans all mail passing thru it and drops certain messages based on 
your criteria.  Takes a bit of effort to get everything ironed out, but worth 
it in the long run.
Matt Walkowiak
-----Original Message-----
From: Arif, Aboo M [mailto:Aboo@xxxxxxxxxxxxxxxxxx] 
Sent: Tuesday, June 25, 2002 10:58 PM
To: [ExchangeList]
Cc: Periyasamy, Raj
Subject: [exchangelist] How to stop telnet access, spamming - Re-Vamped!
I wanted to stop spamming on my mail system  exchange 5.5.  If I stop telnet 
access to my mail server whether it will stop Spamming ?. If yes how can I stop 
telnet access?  Whether it will create any problem to incoming mails if I stop 
telnet on my server?
Please help me on this regard.
Thanks in Advance.
Aboo Arif
Emcure Infotech Ltd.
2A/2, Kundan Estate, 
Bhaupatil Road
Pune, Maharashtra   411020
Ph:5817111, 5817428, 29
You are currently subscribed to this Discussion List as: 
To unsubscribe send a blank email to $subst('Email.Unsub') 
You are currently subscribed to this Discussion List as: 
To unsubscribe send a blank email to $subst('Email.Unsub') 

Other related posts: