# TelNet with an SMTP server... uh oh!



## Zephyr28 (Feb 5, 2003)

Wow, you guys. This is pretty wierd. I tried to use the Unix command "telnet" to connect to my local smtp-server.

It sounded like the whole world blew up at me. Talk about a flaming disconnect! What is up? They said I was a hacker, and if I did it again they would use information against me in court........ um....... er.......

Would someone please explain why TelNet is so, um, evil?

Luke Pighetti


----------



## Gnomo (Feb 5, 2003)

Telnet isn't evil, it is just really powerful. 

It was designed back in the days where the only thing that computers had were command lines.  So, by using it, you were basically at the remote computer's keyboard, and you could use it to do basically anything that you would do at that computer's keyboard.

Anywho, since telnet is powerful, it gets abused by hackers.  (One bad apple spoils the bunch, eh?)

As for you being a hacker because you use telnet: I'd say that the Admin of your local SMTP Server is probably a little paranoid.  You can used telnet to send email, but it is fairly cryptic and you need to know what you are doing.

So don't take it too personally.  Lord knows that I've been called a hacker for much less (let's see...I think my favorite one was back when I was in 7th Grade and was called a Hacker for changing the Wallpaper on a windoze box....).


----------



## aisikl (Feb 6, 2003)

don't worry -- it's just a standard message that the server sends to scare people off -- basically there's nothing wrong with telnetting into your smtp server and 'manually' sending an email -- as long as you do it on your own (or your ISP's) smtp server, you're not doing anything wrong -- telnetting into other smtp-servers might be less safe but the worst that could happen is that they would accuse you of spamming --


----------



## Zephyr28 (Feb 6, 2003)

Yeah, because all I thought a TelNet client was, is an app that sends desired text + carrage return + line feed. And that's all. Anyways, thanks guys!


----------



## Darkshadow (Feb 6, 2003)

Heh, that _*is*_ all that telnet is - but the desired text can be commands as well as normal text.


----------



## Zephyr28 (Feb 6, 2003)

Here is what my TelNet session looked like:

Trying 24.92.226.153...
Connected to ms-smtp-03.nyroc.rr.com.
Escape character is '^]'.

Connection by unknown@ptd-24-198-39-190.maine.rr.com logged, reported and denied.

This system is restricted solely to Road Runner authorized users for
legitimate business purposes only. The actual or attempted unauthorized
access, use or modification of this system is strictly prohibited.
Unauthorized users are subject to Road Runner disciplinary proceedings and/or
criminal and civil penalties under state, federal or other applicable
domestic and foreign laws. The use of this system is be monitored and
recorded for administrative and security reasons. Anyone accessing this
system expressly consents to such monitoring and is advised that if such
monitoring reveals possible evidence of criminal activity, Road Runner may
provide the evidence of such activity to law enforcement officials.

This is your only warning.  Further attempts (including stealth) at
accessing this system will be considered hack attempts and pursued.

security@rr.com

~

Connection closed by foreign host.
[Process exited - exit code 1]


----------



## aisikl (Feb 6, 2003)

as i said: nothing but a standard text sent by the server -- don't worry too much about it -- if it's your ISP's smtp server, at least -- basically, there's nothing illegal about telnet -- it's old school, but a lot can be learned from it --


----------



## michaelsanford (Feb 7, 2003)

First of all, the message you got was from another telnet server, NOT the SMTP server.

To connect to the SMTP server you have to use *telnet 24.92.226.153 25* since the SMTP server is located at port 25, and telnet is 23 (so if you use telnet without specifying a port, it will default to port 23). If you had done that, you would have received this message:
	
	



```
[gwailo:~]% telnet 24.92.226.153 25
Trying 24.92.226.153...
Connected to 24.92.226.153.
Escape character is '^]'.
220 ms-smtp-03.nyroc.rr.com ESMTP *** FOR AUTHORIZED USE ONLY! ***
```
Then you can go ahead with HELO, and other SMTP commands.

I assume this was your ISP or something...


----------



## Zephyr28 (Feb 7, 2003)

> _Originally posted by michaelsanford _
> *First of all, the message you got was from another telnet server, NOT the SMTP server.
> 
> To connect to the SMTP server you have to use telnet 24.92.226.153 25 since the SMTP server is located at port 25, and telnet is 23 (so if you use telnet without specifying a port, it will default to port 23). If you had done that, you would have received this message:
> ...


Yes I know. I figured that out later. But why would they have a TelNet server set up just to yell at people?
Maybe they have it up for Admins?


----------



## michaelsanford (Feb 7, 2003)

They could have a telnet server configured merely to allow admins who enter a special key-combination after the message to get access, even though SSH is more secure.

PS telnet not TelNet


----------



## theed (Feb 11, 2003)

you silly guys.  They sell software that opens ports and mimics services simply to catch people doing silly stuff.  What they do with this information is ... a moral gray area.  But the point is that there probably isn't a telnet server running on that box.  If there is it had better well be IP limited.  Otherwise, roadrunner in Maine and me will have words.

Words I tell you.

so it's partly a scare tactic, and it's probably also a logging thing in case they want to have something against you they could say that they have evidence of non-standard network activity between you and their server.  At which point you say "Non-standard!  What do you mean by that?!?  Did I send any malformed packets?  Did I spoof my IP address?  Did I cause a denial of service or script a brute force password attack?  What exactly is this evidence of non-standard network activity of which you speak?"

Then they back down because they realize that you know more about networking than their legal team and their CEO's and secretly, deep down inside, they want to be your friend.  Partly because they're jealous of this mystical knowledge you posses, but mostly because they are afraid.  And they'd rather know that you were on their side than against them.

So I wouldn't take it too seriously, but it's like running half naked through a park; it's simply understood that there are people watching you, even if they're not going to do anything about it.  And then there are those who just take pictures.  Boy, those guys give me the creeps.


----------

