Voici un script shell qui utilise un script Perl
pour tester différentes méthodes de relayage d'un mail.
L'objectif est de déterminer si un serveur mail est correctement configuré contre les attaques par relais ouvert (open relay).
Il s'utilise ainsi :
./rlytest_all [ip du serveur à tester] [nom du domaine de l'adresse email qui va tester] [nom du domaine à tester, optionnel]
--- Cut Here - Shell Script ---
#!/bin/bash
#
#
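# Positional parameters:
#   $1  IP address of the mail server under test
#   $2  domain of the probe's return address (probes are addressed to nobody@$2)
#   $3  FQDN of the server under test (optional; taken from the PTR record of
#       $1 when absent)
ip=$1
dns_relay=$2
if [ -z "$ip" ] || [ -z "$dns_relay" ]
then
    echo "usage: $0 ip relay_domain [fqdn]" >&2
    exit 1
fi

if [ -z "$3" ]
then
    # `host` answers "<reversed-ip>.in-addr.arpa domain name pointer <fqdn>."
    # for a PTR record: field 5 of the first line is the FQDN, followed by a
    # trailing dot that is stripped here.
    ptr_line=$(host "$ip" | head -n 1)
    case $ptr_line in
        *" domain name pointer "*)
            dns_name_raw=$(echo "$ptr_line" | cut -d" " -f5)
            dns_name_raw=${dns_name_raw%.}
            ;;
        *)
            echo "$0: no PTR record found for $ip; pass the FQDN as third argument" >&2
            exit 1
            ;;
    esac
else
    # The explicit FQDN is the third argument ($2 is the relay domain).
    dns_name_raw=$3
fi

# The PTR value is chosen by whoever controls the reverse zone, so treat it as
# untrusted: accept host-name characters only before it is used to build the
# envelope addresses passed to rlytest.
case $dns_name_raw in
    ""|*[!A-Za-z0-9._-]*)
        echo "$0: unexpected characters in the host name obtained for $ip" >&2
        exit 1
        ;;
esac

# Domain part: everything after the first label of the FQDN.
dns_name=${dns_name_raw#*.}

echo "je vais scanner : $ip"
echo "qui a pour FQDN : $dns_name_raw"
echo "comme domaine : $dns_name"
echo "@ de retour : nobody@$dns_relay"
echo ""
echo "Press a touche :)"
echo ""
read a

# Scratch files: rlytest's stderr verdicts and the stdout of the first probe.
# mktemp avoids fixed file names in the current directory, and the trap
# removes both files even when the run is interrupted.
return_code=$(mktemp) || exit 1
banner_recup=$(mktemp) || exit 1
trap 'rm -f "$return_code" "$banner_recup"' EXIT

# run_test FROM RCPT
# Print the numbered test header and run one probe. rlytest reports its
# verdict ("relay accepted" / "relay rejected") on stderr, which is appended
# to the verdict file and counted at the end.
test_no=1
run_test() {
    test_no=$((test_no + 1))
    echo ":Relay test: #Test $test_no"
    perl rlytest -f "$1" -u "$2" "$ip" 2>> "$return_code"
}

# Test 1 also captures stdout: its second line is the server's greeting.
echo ":Relay test: #Test 1"
perl rlytest -f "nobody@$dns_relay" -u "nobody@$dns_relay" "$ip" > "$banner_recup" 2>> "$return_code"
host_banner=$(sed -n 2p "$banner_recup")
cat "$banner_recup"

# Tests 2-6: sender variations with a plain external recipient.
run_test "spamtest@ision.fr" "nobody@$dns_relay"
run_test "spamtest@localhost" "nobody@$dns_relay"
run_test "spamtest" "nobody@$dns_relay"
run_test "" "nobody@$dns_relay"
run_test "spamtest@[$ip]" "nobody@$dns_relay"

# Recipient forms used by tests 9-24 and 27-42. Each one is an address syntax
# (percent form, doubled @, source route, bang path, each also with a quoted
# part) that a correctly restricted server has to refuse for a non-local
# destination.
# The listing printed the inner quotes as bare doubled quotes, which the shell
# reads as empty strings, so the quoted variants were identical to the
# unquoted ones; the inner quotes are escaped here so that they reach rlytest.
rcpts=(
    "nobody%$dns_relay@$dns_name"
    "\"nobody%$dns_relay\"@$dns_name"
    "\"nobody%$dns_relay@$dns_name\""
    "nobody@$dns_relay@$dns_name"
    "\"nobody@$dns_relay\"@$dns_name"
    "\"nobody@$dns_relay@$dns_name\""
    "nobody%$dns_relay"
    "\"nobody%$dns_relay\""
    "@$dns_name:nobody@$dns_relay"
    "@$dns_name:\"nobody@$dns_relay\""
    "\"@$dns_name:nobody@$dns_relay\""
    "$dns_relay!nobody"
    "\"$dns_relay!nobody\""
    "$dns_relay!nobody@$dns_name"
    # NOTE(review): quote placement kept exactly as printed on the page.
    "\"$dns_relay!nobody@\"$dns_name"
    "\"$dns_relay!nobody@$dns_name\""
)

# Tests 7-24 use the server's domain as sender domain, tests 25-42 repeat the
# same series with its full host name.
for from_domain in "$dns_name" "$dns_name_raw"
do
    run_test "spamtest@$from_domain" "nobody@$dns_relay"
    run_test "postmaster@$from_domain" "nobody@$dns_relay"
    for rcpt in "${rcpts[@]}"
    do
        run_test "spamtest@$from_domain" "$rcpt"
    done
done

echo "Tested host banner: $host_banner"
# An "accepted" verdict means the SMTP dialogue completed without a refusal.
# Some servers accept at SMTP time and then drop or bounce the message, so a
# non-zero count is confirmed only when a probe actually arrives in the
# nobody@$dns_relay mailbox.
nbaccept=$(grep -c "accepted" "$return_code")
if [ "$nbaccept" -gt 0 ]
then
    echo "System appeared to accept $nbaccept relay attempts"
else
    echo "System refused all relay attempts, seems good !"
fi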
--- Cut Here ---
--- Cut Here - perl script ---
#!/usr/local/bin/perl
#
# $Id: rlytest,v 1.22 2001/10/22 22:02:48 chip Exp $
#
# $Log: rlytest,v $
# Revision 1.22 2001/10/22 22:02:48 chip
# updated message
#
# Revision 1.21 2001/10/22 19:57:38 chip
# updated URLs
#
# Revision 1.20 2000/06/21 09:02:09 chip
# Produce useful diagnostic if socket fails.
# Thanks to Paul Ewing Jr. <ewing@ima.umn.edu>
#
# Revision 1.19 2000/06/11 06:21:49 chip
# now uses exit status 2 to indicate successful relay submission
# added $EX_RELAY_ACCEPTED $EX_RELAY_REJECTED $EX_PROGRAM_ERROR
#
# Revision 1.18 2000/04/04 08:25:32 chip
# changed default domain from acme.com to example.com
#
# Revision 1.17 1999/08/20 07:11:54 chip
# moved uid=0 check before calculate_fqdn is called (oof!)
# thanks to Paul David Fardy <pdf@morgan.ucs.mun.ca> for catching that
#
# Revision 1.16 1999/05/25 15:51:57 chip
# added $Root_check to avoid running as root
# remove $! from socket creation failure, people were finding it confusing
#
#
# rlytest - test mail host for third-party relay
# (see POD documentation at end)
#
# Chip Rosenthal
# Unicom Systems Development
# <chip@unicom.com>
#
require 5.002;
use strict;
use Getopt::Std;
use IO::Socket; # warning - IO::Socket was an optional add-on prior to 5.004
use Time::gmtime;
# Package globals shared by the main program and the subroutines below,
# declared through "use vars" because the script runs under "use strict".
use vars qw(
    $Usage $Dflt_hostname $Dflt_domain $Root_check %Opts
    $Target_host $Timeout $Hostname $Username $Comment
    $Actual_sender $MailFrom_addr $RcptTo_addr $Mssg_body
    $EX_RELAY_ACCEPTED $EX_RELAY_REJECTED $EX_PROGRAM_ERROR
);

# Reduce $0 to the script's base name so that diagnostics start with it.
$0 =~ s{.*/}{};
$Usage = "usage: $0 [-f sender_addr] [-u recip_addr] [-c comment] [-t timeout] target_host";

# Exit statuses: 0 = relay rejected, 1 = program error, 2 = relay accepted.
($EX_RELAY_REJECTED, $EX_PROGRAM_ERROR, $EX_RELAY_ACCEPTED) = (0, 1, 2);
#
# Host name configuration - Leave these commented out unless the
# calculate_fqdn() routine is unable to calculate your FQDN (fully
# qualified domain name) correctly. You'll know if it fails, because
# the script will bomb out complaining about the FQDN. If this happens,
# try setting $Dflt_domain to your domain. Or, if you like, you
# may hardwire $Dflt_hostname to a particular FQDN.
#
# NOTE(review): both defaults are hardwired to one particular host. Because
# $Dflt_hostname is set, calculate_fqdn() returns it without probing the local
# machine, so the HELO name and the Message-Id carry this value. Replace both
# with your own names, or comment them out, before running the probe.
($Dflt_domain, $Dflt_hostname) = ("sioban.net", "shax.sioban.net");

#
# This utility does not need to be run as root, and doing so is risky:
# calculate_fqdn() may try "hostname -f", which prints the FQDN on some
# systems but on others attempts to change the local host name to "-f".
#
$Root_check = 1;
if ($> == 0 && $Root_check) {
    # Effective uid 0: warn, then give the operator ten seconds to abort.
    print STDERR join("\n",
        "",
        "You should not be running this as root!",
        "Recommend you abort and run as a nonprivileged user.",
        "Pausing 10 seconds.");
    for my $tick (1 .. 10) {
        print STDERR ".";
        sleep 1;
    }
    print STDERR "\n";
}
#
# Unbuffered output.
#
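STDOUT->autoflush(1);

#
# Crack command line.
#
# getopts() needs a reference to the option hash; the hash subscripts below
# follow the option letters documented in $Usage (-c comment, -f sender,
# -t timeout, -u recipient).
getopts('c:f:t:u:', \%Opts)
    or die "$Usage\n";
die "$Usage\n"
    unless (@ARGV == 1);
$Target_host = shift;

#
# Initialize parameters.
#
$Timeout = $Opts{t} || 60;
# alarm() treats a non-numeric value as 0, which would disable the I/O timeout.
die "$0: timeout must be a positive number of seconds\n$Usage\n"
    unless ($Timeout =~ /^\d+$/ && $Timeout > 0);

$Hostname = calculate_fqdn()
    or die "$0: cannot determine FQDN\n";

# NOTE(review): LOGNAME comes from the error message; the second environment
# key was lost from the listing and USER is the presumed fallback -- confirm.
$Username = $ENV{LOGNAME} || $ENV{USER}
    || die "$0: LOGNAME undefined\n";

$Actual_sender = $Username . "@" . $Hostname;
$RcptTo_addr = $Opts{u} || $Actual_sender;
$Comment = (defined $Opts{c} && $Opts{c} ne "") ? $Opts{c} . "\n" : "";

# Without -f (or with -f "") the probe uses the null reverse-path "<>".
# The listing also carried a disabled alternative that derived a "nobody@..."
# sender from the target; the variable name inside it was lost (presumably
# $Target_host, bracketed when the target is a dotted-quad address).
$MailFrom_addr = (defined $Opts{f} && $Opts{f} ne "") ? $Opts{f} : "";

# These values are placed verbatim into SMTP command lines, and a wrapper may
# derive them from DNS answers. A control character (CR or LF in particular)
# would let a value add command lines of its own to the dialogue.
foreach my $value ($MailFrom_addr, $RcptTo_addr, $Target_host) {
    die "$0: control character in address or host argument\n"
        if ($value =~ /[\x00-\x1f\x7f]/);
}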
#
# Construct the test message.
#
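# The message is sent as a single DATA payload: header lines, a blank line,
# the explanatory text, the optional -c comment, and the lone "." line that
# ends the DATA phase.
#
# "@" is escaped wherever a name follows it inside an interpolating string;
# unescaped, Perl reads "@energis" or "@$Hostname" as an array, which does not
# compile under "use strict".
#
# NOTE(review): the Sender header and the "Test performed by" line are
# hardwired to one contact address, while the computed $Actual_sender is not
# used here. Put the address of the person running the probe in both places.
#
# NOTE(review): $Comment is inserted as-is; a comment containing a line made
# of a single "." would end the DATA phase early.
$Mssg_body =
    "To: $RcptTo_addr\n"
    . "From: $MailFrom_addr\n"
    . "Subject: test for susceptibility to third-party mail relay\n"
    . "Date: " . arpa_date(time()) . "\n"
    . "Message-Id: <rlytest-" . time() . "-" . $$ . "\@$Hostname>\n"
    . "Sender: spamtest\@energis.fr\n"
    . qq[
This message is a test probe, to ensure that your mail server is secured
against third-party mail relay. This is NOT an attempt to hack or
crack your system, but just to ensure the system are secured against
this common vulnerability. This test usually is performed by a system
administrator who is trying to determine the source of a spam email.
A well-configured mail server should NOT relay third-party email.
Otherwise, the server is subject to attack and hijack by Internet vandals
and spammers. For information on how to secure a mail server against
third-party relay, visit <URL: http://mail-abuse.org/tsi/>.
This probe was generated by the "rlytest" utility. For more information,
visit <URL: http://www.unicom.com/sw/rlytest/>.
Target host = $Target_host
Test performed by <spamtest\@energis.fr>
from enveloppe = $MailFrom_addr
to enveloppe = $RcptTo_addr
If you have any concern about this test, please contact the person listed
in the "test performed by" line above.
$Comment
.
];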
#
# Connect and execute SMTP dialog.
#
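print "Connecting to $Target_host ...\n";
my $sock = IO::Socket::INET->new(
    Proto    => "tcp",
    PeerAddr => $Target_host,
    PeerPort => "smtp(25)",
    Timeout  => $Timeout)
    or die "$0: socket failed: cannot connect to $Target_host: $@\n";

# alarm() guards every socket read and write; the handler has to be installed
# in the ALRM slot of %SIG for those alarms to produce this diagnostic.
$SIG{ALRM} = sub { die "$0: timeout waiting for socket I/O\n"; };
$sock->autoflush(1);

# Each step returns only when the server answers with a 2xx/3xx code;
# read_response() ends the program with $EX_RELAY_REJECTED on anything else.
read_response($sock);
write_command($sock, "HELO $Hostname\n");
write_command($sock, "MAIL FROM:<$MailFrom_addr>\n");
write_command($sock, "RCPT TO:<$RcptTo_addr>\n");
write_command($sock, "DATA\n");
write_command($sock, $Mssg_body, "(message body)\n");
my $code = write_command($sock, "QUIT\n");

#
# Dialog successful (which is bad -- that means the relay was accepted).
#
# This verdict reflects the SMTP dialogue only. A server may accept the
# message and still discard or bounce it afterwards, so relaying is confirmed
# only when the probe arrives at the recipient address.
warn "$0: relay accepted - final response code $code\n";
exit($EX_RELAY_ACCEPTED);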
#
# usage: write_command($sock, $data_to_send[, $mssg_to_display])
#
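sub write_command
{
    # Send one command (or the message body) and return the response code
    # that read_response() obtains for it.
    #   $sock - connected socket
    #   $data - text to send, with "\n" line endings
    #   $mssg - optional text to display instead of $data
    my $sock = shift;
    my $data = shift;
    my $mssg = shift || $data;

    print ">>> $mssg";

    # SMTP lines end in CRLF. Convert every line ending; "\r?" keeps an
    # already-correct CRLF from becoming CR CR LF.
    $data =~ s/\r?\n/\r\n/g;

    alarm($Timeout);
    $sock->print($data)
        or die "$0: socket write failed [$!]\n";
    alarm(0);

    return read_response($sock);
}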
#
# usage: $response_code = read_response($sock);
#
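sub read_response
{
    # Read one SMTP reply, following continuation lines ("250-..."), and
    # return its three-digit code when it is in the 200-399 range. Any other
    # code sends QUIT and ends the program with $EX_RELAY_REJECTED.
    my $sock = shift;
    my($code, $cont, $mssg);

    do {
        alarm($Timeout);
        my $line = $sock->getline();
        alarm(0);

        # getline() returns undef once the peer has closed the connection.
        die "$0: connection closed by peer while waiting for a response\n"
            unless defined $line;

        $line =~ s/\r?\n\z//;

        # The reply text is chosen by the remote server: replace control
        # characters before it is written to the operator's terminal.
        (my $shown = $line) =~ s/[\x00-\x08\x0b-\x1f\x7f]/?/g;
        print "<<< ", $shown, "\n";

        # Three digits, then "-" on a continuation line or a space on the
        # last line of the reply, then free text.
        ($code, $cont, $mssg) = $line =~ /^(\d\d\d)(.?)(.*)/
            or die "$0: malformed SMTP response\n";
    } while ($cont eq "-");

    return $code
        if ($code >= 200 && $code < 400);

    # Refused: close the session politely, then report the verdict.
    alarm($Timeout);
    $sock->print("QUIT\r\n");
    alarm(0);
    warn "$0: relay rejected - final response code $code\n";
    exit($EX_RELAY_REJECTED);
}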
#
# usage: $hostname = calculate_fqdn();
#
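sub calculate_fqdn
{
    # Return the fully qualified name of the local host: $Dflt_hostname when
    # it is set, otherwise the first command output that contains a dot, or a
    # short name completed with $Dflt_domain. Dies when nothing works.
    return $Dflt_hostname
        if ($Dflt_hostname);

    # Fixed command strings only; nothing user-supplied reaches the shell.
    foreach my $cmd ("hostname", "hostname -f", "uname -n") {
        my $hostname = `$cmd`;
        next unless defined $hostname;
        chomp $hostname;

        # A literal dot marks a qualified name. An unescaped "." matches any
        # character, which would return a short name as if it were an FQDN
        # and make the $Dflt_domain fallback unreachable.
        return $hostname
            if ($hostname =~ /\./);
        return $hostname . "." . $Dflt_domain
            if ($hostname && $Dflt_domain);
    }

    # The "$" signs are escaped so that the message names the two variables
    # to set instead of printing their (empty) values.
    die "$0: cannot determine FQDN - please set \$Dflt_domain or \$Dflt_hostname\n";
}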
#
# usage: $date_header = arpa_date($secs_since_epoch)
#
sub arpa_date
{
    # Format a count of seconds since the epoch as a mail Date header value
    # in GMT, e.g. "Thu, 01 Jan 1970 00:00:00 GMT".
    my ($secs) = @_;
    my @weekdays = qw(Sun Mon Tue Wed Thu Fri Sat);
    my @months   = qw(Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec);

    # Time::gmtime's gmtime() returns an object with named accessors;
    # its year is counted from 1900.
    my $t = gmtime($secs);
    my $day_name   = $weekdays[$t->wday];
    my $month_name = $months[$t->mon];
    my $full_year  = 1900 + $t->year;

    return sprintf("%-3s, %02d %-3s %4d %02d:%02d:%02d GMT",
        $day_name, $t->mday, $month_name, $full_year,
        $t->hour, $t->min, $t->sec);
}
--- Cut Here ---
www.sioban.net
http://www.sioban.net/article.php/20051026152550159