Re: [cobalt-users] Port 25 email via telnet exploit

[Jeff Lasman <jblists@xxxxxxxxxxxxx>]

Paul Jacobs wrote:

> True, but some servers will auth. you before allowing you to post...... NO
> OPEN RELAY, send mail is the biggest open relay there is...
> your welcome to connect to my work mail server at mail.adv-data.com and see
> if you can send mail from it.

Paul, Paul, Paul...

Whether you're doing it intentionally or not, you're confusing the
issue.

I cannot connect to mail.adv-data.com and send mail from it any more
than you can connect to mail.nobaloney.net and send mail from it.  But
if you were already logged into the box, and then tried to connect to
mail.nobaloney.net you could.  And if I were already logged into your
mailserver (looks like a windows box since it's running an evbaluation
version of NTMail) I could send mail from it.

The authorization you're obfuscating about is logging into the box. 
Once you're logged into the box you're a trusted user on the box and can
send email from it.

If you don't believe it give me an account on your mailserver, and a way
to log into it remotely, and I'll use telnet FROM YOUR MAILSERVER to
send email anywhere in the world.

And I sure hope that Jose isn't going to be angry at me for telnetting
into his server to see what it was running; it looks like it's his, not
yours.

> You miss understand... I am using eudora, to send mail, not logging in any
> other way than the eudora program....

As am I; what's your point?  Are you saying you're using Eudora to send
email from an untrusted network, NOT getting mail first, and still
successfully sending mail off your system's trusted network?

If so, then let me help you figure out why your RaQ isn't set up to the
normal standards and get it fixed so it's no longer an open relay.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484