blackhawk

Another quick question. In the command, telnet xxx.xxx.xxx.xxx 25, the 25 stands for the port number. My question is if it is Port 25 from the local computer sending the telnet command (my computer in this case) or from the Port 25 of the mail server. If it is Port 25 of the mail server, it seems a little backward to me since I am the one wanting to send the E-mail (using SMTP and Port 25) and I am wanting to leave mail on the server (which means the server is receiving the mail, requiring POP3 and port 110). Am I looking at this all wrong?

BTW, I am able to connect to bellsouth.net's server from home with now problems using telnet, so I think you are correct about my work's DNS servers. Do you suppose this was a security-based decision by my workplace to get rid of the reverse DNS lookup records?

heatwave

Variable - you are right. The SMTP authentication through telnet is pretty complicated.

How can there still be so much spam if smpt authentication is gaining popularity? Do you think that spam will ever be chocked off?

vega55

Yep, you are looking at it it the wrong way. You are sending mail. Look at it from the sender/client prospective. When you connect to a mail server to send mail, the way we have been discussing, you do so over port 25. Port 25 is the default port used by SMTP. In order to connect to a mail server on that port, the mail server has to be listening on that port. POP3 is what is used to pull mail down from a mail server. You can also pull mail from telnet using the same string except change the last bit to port 110. When you do that you will use a different set of commands. SMTP sends mail, pop3 retrieves mail.

As for the second question, no. A reverse record on an internal server is not a security problem because it is internal. No one from the outside will be able to connect to the 10. address. That is because of NAT and because it is no doubt behind a firewall appliance and/or a router doing ACL's. It is simply the way the DNS server was configured - with no reverse record. Everything probably works and nothing has needed it so it simply wasn't added. Many admins never added PTR records because DNS worked without them. Some admins are just slack, they do the minimum necessary to make it work and no more. Maybe they don't have them because their external security is an issue, who knows...

blackhawk

No, there will always be spam. Authentication only makes it more difficult.

heatwave

Do you think that spamers will start getting another users info and authenticating as them to send the spam?

owenwood123

Telnetting to any host as well as anticipating anything other than a slap attack the head from the administrator is advertising it.