312-50V10 · Question #606
An NMAP scan of a server shows port 25 is open. What risk could this pose?
The correct answer is D. Active mail relay. Port 25 is the SMTP port used for email transmission. An open port 25 can indicate the server is operating as a mail relay, which attackers may exploit to send spam or phishing emails anonymously.
Question
An NMAP scan of a server shows port 25 is open. What risk could this pose?
Options
- AOpen printer sharing
- BWeb portal data leak
- CClear text authentication
- DActive mail relay
How the community answered
(25 responses)- A4% (1)
- B4% (1)
- D92% (23)
Why each option
Port 25 is the SMTP port used for email transmission. An open port 25 can indicate the server is operating as a mail relay, which attackers may exploit to send spam or phishing emails anonymously.
Printer sharing typically uses ports 9100, 515, or 631 (IPP), not port 25.
Web portal data leaks are associated with HTTP/HTTPS ports 80 and 443, not port 25.
Clear text authentication is a concern with protocols like FTP (port 21) or Telnet (port 23); while SMTP can transmit credentials in clear text, the primary and most recognized risk of an open port 25 is mail relay abuse, not authentication exposure.
Port 25 is the well-known port for SMTP (Simple Mail Transfer Protocol), which handles email routing and delivery. An improperly configured SMTP server with port 25 open may function as an open mail relay, allowing unauthorized third parties to route email through it. This is a significant risk as it enables spam campaigns, phishing, and can result in the server's IP being blacklisted.
Concept tested: SMTP port 25 open relay security risk
Source: https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365
Topics
Community Discussion
No community discussion yet for this question.