Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Comments on smtp-open-relay and smtp-enum-users

From: Ron <ron () skullsecurity net>
Date: Fri, 12 Mar 2010 09:09:26 -0600
I talked to Duarte this off the list a bit, but I thought I'd post it here. The other thread was growing out of 
control, so I thought it best to make a new one.

Anyways, smtp-enum-users.nse works great for me. Even the server where VRFY was disabled worked, thanks to the "RCTP 
TO" hacking. I did generated the list by harvesting some .pdf files on the site manually and feeding them in with the 
userdb script-arg. 

smtp-open-relay.nse looks like it's working as well, but I don't think the output is clear enough. It'd be nice to get 
a boolean message, saying "this server IS an open relay" or "x out of 5 tests passed, this server is likely [not] an 
open relay". That'd be helpful to me. 

Overall, though, they're looking good and have already helped me find an issue. 

-- 
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: