How can I automate telnet port 25 testing?

2019-06-21 11:57发布

问题:

I need to make a large set of tests in telnet. I am working on some ways to auto detect dictionary attacks on our email server, and then throttle them back, or blacklist them etc.

I am now ready to run some tests and see if my work pays off. I figured I would just download some script kiddy app to run the tests. I can not find any and those I can are bad or binary and non configurable.

I will have a list of addresses I generate in a loop.

I want to take $address as an argument and do this:

telnet myserver.com 25 helo some-string.com mail from: me@me.com rcpt to: $address quit

Within that, I need to test a few things, such as, if I enable greylisting, I want to fail the script, as that is my first countermeasure. I suppose in that case, I would just have telnet timeout?

  • helo should return a code string starting with 220, that is about as accurate as I need to make this test.

  • mail from should return 250, or looking for OK would suffice

  • rctp to should return 250 or Ok sometimes, when I send in a valid user, but most of the time I will send in a bad address, so I look for the absence of 250 or OK.

  • Finally, I will send in a quit.

I am not able to get conditions and logging to happen within an interactive situation. I looked at expect but could not get it to work.

My code so far:

echo -e "helo foo\nmail from: foo.... | telnet example.com 25 | grep -i blah 

This did not perform as expected.

What can I do to accomplish my goal?

回答1:

I'm surprised that Expect didn't do it for you since it's written for just these kinds of things.

Perl is simpler in some ways and can get a job like this done. But with Perl, you won't bother with Telnet, you can instead open port 25 directly.

If you really want to exercise your server get the source for Siege and modify it to talk SMTP instead of HTTP. That was my favorite tool for testing Apache performance and I'm sure it wouldn't be too hard to make it test Sendmail.



回答2:

Try netcat: http://netcat.sourceforge.net/

It'll let you send and receive data on a socket. telnet isn't what you want - it's for interactive use.



回答3:

expect wrapped around netcat (instead of telnet) is probably the best initial bet. But, if you really need to this, I would use perl. There are SMTP client libraries for it.



回答4:

You can use Bash syntax for that, e.g.

exec {stream}<>/dev/tcp/example.com/80
printf "GET / HTTP/1.1\nHost: example.com\nConnection: close\n\n" >&${stream}
grep Example <&${stream}

Here is another syntax example which dumps list of keys from memcached:

exec {memcache}<>/dev/tcp/localhost/11211; printf "stats items\nquit\n" >&${memcache}; cat <&${memcache}


标签: telnet