I need to make a large set of tests in telnet. I am working on some ways to auto detect dictionary attacks on our email server, and then throttle them back, or blacklist them etc.
I am now ready to run some tests and see if my work pays off. I figured I would just download some script kiddy app to run the tests. I can not find any and those I can are bad or binary and non configurable.
I will have a list of addresses I generate in a loop.
I want to take $address as an argument and do this:
telnet myserver.com 25 helo some-string.com mail from: [email protected] rcpt to: $address quit
Within that, I need to test a few things, such as, if I enable greylisting, I want to fail the script, as that is my first countermeasure. I suppose in that case, I would just have telnet timeout?
helo
should return a code string starting with 220, that is about as accurate as I need to make this test.mail from
should return 250, or looking for OK would sufficerctp to
should return 250 or Ok sometimes, when I send in a valid user, but most of the time I will send in a bad address, so I look for the absence of 250 or OK.Finally, I will send in a
quit
.
I am not able to get conditions and logging to happen within an interactive situation. I looked at expect
but could not get it to work.
My code so far:
echo -e "helo foo\nmail from: foo.... | telnet example.com 25 | grep -i blah
This did not perform as expected.
What can I do to accomplish my goal?