The last month has been pretty exciting, because Diman has just made the final release for the Nmap Scripting Engine available, which definitely ROCKS!
It comes with great scripts, but some of the other contributors made a list of useful scripts that didn’t yet exist, and one of them was an SMTP Open Relay testing script.
I’ve coded one, which you can grab HERE. I just fixed a couple of stupid bugs, but it works ok so far 😉
To use it, just place the file under your share/nmap/nse-scripts directory and call it like this (for example, you can remove --script-trace later on):
nmap --script-trace -sV -F --script=SMTP_openrelay_test.lua $SOME_HOST
It will run a series of tests against SOME_HOST, using service detection (-sV) on the standard ports (-F), and then run the script SMTP_openrelay_test.lua against those ports that have a running SMTP service. Later on it will let you know the results 😉
Try it, patch it, enhance it, share it. It’s licensed as Nmap, and I hope it will come along with the nmap package 😉
UPDATE: Script to test for an Open Proxy HERE (20070413).