Detecting SMTP open relays
Open relays are insecure mail servers that allow third-party domains to use them without authorization. They are abused by spammers and phishers, and they present a serious risk to organizations because public spam blacklists may list the relay servers, which affects any organization that depends on its e-mails reaching their destination.
This recipe shows how to detect SMTP open relays with Nmap.
How to do it...
Open your terminal and enter the following Nmap command:
$ nmap -sV --script smtp-open-relay -v <target>
The output returns the number of tests that passed, whether the SMTP server is an open relay, and the command combination used:
Host script results:
| smtp-open-relay: Server is an open relay (1/16 tests)
|_MAIL FROM:<antispam@insecure.org> -> RCPT TO: <relaytest@insecure.org>
How it works...
The smtp-open-relay script was submitted by Arturo Buanzo Busleiman, and it attempts 16 different tests to determine if an SMTP server allows...