Detecting SMTP open relays
Open relays are insecure mail servers that allow third-party domains to use them without authorization. They are abused by spammers and phishers, and they present a serious risk to organizations because public spam blacklists may add the relay servers and affect an entire organization relying on email reaching their destinations.
This recipe shows how to detect SMTP open relays with Nmap.
How to do it...
Open your terminal and enter the following Nmap command:
$ nmap -sV --script smtp-open-relay -v <target>
The output returns the number of tests that passed if the SMTP server is an open relay, and the command combination used:
Host script results: | smtp-open-relay: Server is an open relay (1/16 tests) |_MAIL FROM:<[email protected]> -> RCPT TO: <[email protected]>
How it works...
The smtp-open-relay
script was submitted by Arturo Buanzo Busleiman, and it attempts 16 different tests to determine if an...