Refuse any command when telnet to port 25

how can I protect my mail server such as MS exchange from anyone who telnet to port 25 and then use any command such as VRFY to verify users on my mail server ??
siratorAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
ridConnect With a Mentor Commented:
The server software may have (should indeed have) an option to discard/deny VRFY commands. Look for this.

Regards
/RID
0
 
samriCommented:
There is some information found on this link.

Scroll to the middle of the page.

http://216.239.33.100/search?q=cache:gSTBYPODqkgC:www.ima.com/pdf/ienews/vol4no6.pdf+disable+vrfy+ms+exchange&hl=en&ie=UTF8

I hope this helps.
0
 
siratorAuthor Commented:
Thanks , rid,but I see most of mail servers are already tuned for not permitting to use VRFY, Is it right ?
0
 
ridCommented:
I think most defaults to reject VRFY commands, yes.

Rejecting ALL commands if they come from a telnet session may be another matter. Since SMTP commands are a bit on the simplistic side, doing them by telnet isn't too complicated. You'd have to reject telnet sessions only, and not SMTP session. Perhaps some firewall setting could do this, but what is to gain from that?

Regards
/RID
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.