Wednesday, July 11, 2007

Telent and SMTP

LonerVamp pointed out a post about the technique for testing/sending email with telnet which has been well-known (at least amongst *nix admins) for decades. I'm surprised that the topic is considered news at all as it's quite old. In any case, if you're a mail or NOC admin, it's a "need-to-know".

One thing not mentioned is that this technique can be employed to create a whole lot of evil. While outward facing SMTP servers are normally protected against this kind of abuse, internal Exchange servers usually aren't. More than one security manager that I've worked for has received periodic beat-your-admins messages from the Easter Bunny and Santa Claus. (Disclaimer: I rec'd permission to do this beforehand!)