Comment by ajross
10 days ago
None of this affects the use of telnet the client program nor the ability to run a telnetd on your own host (but do be sure it's patched!).
What's happened is that global routing on the internet (or big chunks of it, it's not really clear) has started blocking telnet's default port to protect presumably-unpatched/unpatchable dinosaur systems from automated attack. So you can no longer (probably) rely on getting to a SMTP server to deliver that spoofed email unless you can do it from its own local environment.
> started blocking telnet's default port
But that's 23 and smtp is 25.
SMTP has and is almost blocked everywhere to dissuade spam.
Presumably not on the SMTP servers they were connecting to. There are millions of IPs with port 25 open, without them email wouldn't work, so I'm not sure what you mean
1 reply →
You would still be able to use the telnet client to connect to an SMTP server on TCP port 25, just not port 23, right? I don't think that part changed here.
It's... not super clear from the article whether this is a port block or a stateful protocol thing. But yes, you're probably right and SMTP spoofing is probably safe for now.
I read it as a clear port 23 block.