Re: [Exim] contrib: testing relaying without learning SMTP

Top Page
Delete this message
Reply to this message
Author: Exim Users Mailing List
Date:  
To: exim-users
Subject: Re: [Exim] contrib: testing relaying without learning SMTP
[ On , August 28, 1999 at 23:03:00 (+0200), Kai Henningsen wrote: ]
> Subject: Re: [Exim] contrib: testing relaying without learning SMTP
>
> That's faulty logic. You don't need to have BIND installed to get DNS, you
> just need a resolver library (that is, you need a DNS client, but not a
> DNS server).


No, it'd deductive logic. Any system that Exim runs on, and where it is
using DNS, will likely have nslookup installed *because* nslookup comes
with the DNS software that's ususally installed on such systems, *even*
if you're only using the resolver client library portion of such
software (indeed nslookup can be considered more related to the resolver
code than anything else! ;-).

In any case the question was, if memory serves me correctly, related to
which command-line tool would be best to help do DNS lookups in a
script. I'll still assert that the best tool for this purpose is the
very latest release of the 'host' tool (*not* the one that is usually
installed by default with BIND, and thus *not* the default one that is
in most of the modern *BSDs).

BTW, it just so happens that one of the best command-line utilities for
checking e-mail addresses at remote SMTP servers is a "sibling" of sorts
of the modern version of 'host'. It's available in the same directory:

    ftp://ftp.nikhef.nl/pub/network/vrfy.tar.Z


I had contemplated adding rudimentary support for checking remote relays
to 'vrfy', but I've been reluctant to make it actually try sending
e-mail, which is what's actually required to test remote relays. In the
end I personally find it simpler to just type the SMTP commands myself
because the address I have to use to send the relayed message through is
unique to myself anyway, and because the ways to trick a mailer into
letting you do a remote relay are often very very dependent on exactly
which kind of mailer you're trying to relay through. You really don't
need to know much about SMTP to do this kind of testing -- you do need
to know about e-mail addressing forms and about how various kinds of
mailers might be exploited. Note that the automated checkers such as
those run by ORBS and IMRSS are brute force machines and they always
require the actual message to be received back at their database engines
in order to declare a mailer as a remote relay. Note also that the ORBS
and IMRSS relay checkers are not necessarily going to try to trick the
remote mailer into thinking that the mail is from a trusted user, though
they do try to use the most commonly exploited means of doing this.

Note also that other much better maintained versions of two very common
network tools also exist there: ping and traceroute.

-- 
                            Greg A. Woods


+1 416 218-0098      VE3TCP      <gwoods@???>      <robohack!woods>
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>