How To Test Your Mail Server For Backscatter Vulnerability - July 31, 2010
If you think your mail server may be configured improperly, here is a simple way to test it. Use command line telnet like this.
1) Telnet to port 25 of your mail server.
telnet your.mailserver.com 25
2) Issue some SMTP commands starting with this.
HELO random.victim.com
The server will respond with something like this:
250 your.mailserver.com Hello so.and.so [XX.XXX.XXX.XX], pleased to meet you
3) Now you type this.
MAIL FROM: yourself@random.victim.com
The server will respond with something like this:
250 2.1.0 you@random.victim.com… Sender ok
4) Now you type this.
RCPT TO: asdfasdf@your.mailserver.com
The server SHOULD respond with a 550 like this:
550 5.1.1 asdfasdf@your.mailserver.com… User unknown
If instead it responds with something like this, then your server configuration probably needs fixed to prevent backscatter:
250 2.1.5 asdfasdf@your.mailserver.com