Re: issue with script header in SMTP_openrelay_test.nse

[Arturo 'Buanzo' Busleiman <buanzo () buanzo com ar>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Fyodor wrote:
> Yes, James and I did use your open proxy script during our Nmap
> classes before CanSecWest.

Cool :P

> Do you think you could check what other scanners such as Nessus or special purpose SMTP relay
> checkers do?

I've based the OpenRelay NSE script on http://www.abuse.net/relay.html and they use "abuse.net" as
domain, which is a valid domain-name.

We have two kinds of tests:

(1) for smtp servers that check the domain for certain validity parameters
(2) for smtp servers that don't care about helo/from, and just allow to relay mail

We should decide what test we want. I do usually prefer to test sending email FROM a valid domain /
mail address, but that depends on what the pen-tester wishes to know/accomplish.

> While it is great to provide the option, I'm afraid we can't count on most users configuring any of this themselves.

So, if user provides a valid return-address, the script could go the test #1 route. Otherwise, the
script could just use test number (2).

- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
OpenPGP for HTTP: New Web-Auth Scheme: http://freshmeat.net/articles/view/2599
Consulting and Secure Mail Hosting: http://www.buanzo.com.ar/pro/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGVI+oAlpOsGhXcE0RCrzNAJ4icXzCAey2STRshN7zmoih6710MACfefPj
AWLgFjoc/jrDGRlLj6aJEa8=
=HRe6
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org