how can I protect my mail server such as MS exchange from anyone who telnet to port 25 and then use any command such as VRFY to verify users on my mail server ??
I think most defaults to reject VRFY commands, yes.
Rejecting ALL commands if they come from a telnet session may be another matter. Since SMTP commands are a bit on the simplistic side, doing them by telnet isn't too complicated. You'd have to reject telnet sessions only, and not SMTP session. Perhaps some firewall setting could do this, but what is to gain from that?
Regards
/RID
0
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Regards
/RID