Search This Blog

Saturday, 2 June 2012

Testing your mail server security

Telnet IP 25


mail from

rcpt to

enter message here, followed by a full stop on a new line


Also, check whether your email server divulges your internal users by supporting the EXPN and VRFY commands (for example, VRFY administrator ->

' telnet 25

help - does it show EXPN / VRFY to be supported?

EXPN administrator

VRFY admin'

Finally, check if it's possible to send a spoofed email through the email server. For example, SMTP server for domain "" receives an external email from Does your email server drop this email? It should do

No comments:

Post a Comment