Telnetting into port 25 allows users to manually issue SMTP commands. While not necessarily malicious, it can be abused (e.g., for spamming or probing).
You don’t want to shut down SMTP (as that’s required for email), and you can’t block port 25 entirely. The best approach is to secure the service by requiring:
SMTP authentication (username/password)
Possibly TLS encryption
From CEH v13 Courseware:
Module 5: Vulnerability Analysis
Module 20: Secure Protocols
CEH v13 Study Guide states:
“To prevent unauthorized SMTP access, require SMTP AUTH. This allows only authenticated users to send email, mitigating abuse of open mail relays.”
Incorrect Options:
A: Blocks all SMTP, affecting email functionality.
B: Disables mail service entirely.
D: Switching platforms doesn’t solve the underlying issue.
E: Not appropriate—there is a clear solution.
[Reference:CEH v13 Study Guide – Module 5: Mail Server HardeningRFC 4954 – SMTP Authentication, ==================================================================, , ]
Submit