how to exploit the ESMTP service

From: sisram2@gmail.com
Date: Mon Dec 24 2007 - 06:36:13 EST

Next message: krymson@gmail.com: "Re: brute force ColdFusion MX7 admin page"
Previous message: jwbensley@gmail.com: "Re: Copying secret windows file"
Next in thread: Michael Scheidell: "Re: how to exploit the ESMTP service"
Reply: Michael Scheidell: "Re: how to exploit the ESMTP service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) I'm looking for info on exploits and security of ESMTP when you telnet into
port 25. I understand how to telnet in and send email via the command line
but trying to understand the security implications of being able to do this.
I am currently looking at this on Exchange 5.5.

Does ESMTP from the command line need to be "accessible" for the apps to
work or enabled to troubleshoot?

Are their DDOS attacks or hacks against ESMTP?

Is there a best practice to secure ESMTP

I've been able find info about ESMTP (commands) but not much info on the
potential security risks.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Next message: krymson@gmail.com: "Re: brute force ColdFusion MX7 admin page"
Previous message: jwbensley@gmail.com: "Re: Copying secret windows file"
Next in thread: Michael Scheidell: "Re: how to exploit the ESMTP service"
Reply: Michael Scheidell: "Re: how to exploit the ESMTP service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:17 EDT