nerdexam
EC-Council

312-50V13 · Question #133

While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong do

The correct answer is E. None of the above.. The objective is to block Telnet access to an SMTP server on port 25 while ensuring the legitimate email functionality of the SMTP server remains unaffected.

Submitted by ahmad_uae· Mar 6, 2026Evading IDS, Firewalls, and Honeypots

Question

While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?

Options

  • ABlock port 25 at the firewall.
  • BShut off the SMTP service on the server.
  • CForce all connections to use a username and password.
  • DSwitch from Windows Exchange to UNIX Sendmail.
  • ENone of the above.

How the community answered

(58 responses)
  • A
    21% (12)
  • B
    2% (1)
  • C
    3% (2)
  • D
    7% (4)
  • E
    67% (39)

Why each option

The objective is to block Telnet access to an SMTP server on port 25 while ensuring the legitimate email functionality of the SMTP server remains unaffected.

ABlock port 25 at the firewall.

Blocking port 25 at the firewall would prevent all incoming SMTP traffic, including legitimate email delivery to the server, thus disrupting normal email functionality.

BShut off the SMTP service on the server.

Shutting off the SMTP service would completely disable the email server, preventing all normal email operations and deliveries.

CForce all connections to use a username and password.

Forcing username and password authentication might not be feasible for standard SMTP inbound connections (e.g., from other mail servers) and does not prevent a Telnet client from *connecting* to port 25, only from performing unauthorized actions.

DSwitch from Windows Exchange to UNIX Sendmail.

Switching email server software is a major system change that does not directly address the specific issue of selectively blocking Telnet access while preserving email functionality on the existing server.

ENone of the above.Correct

Blocking port 25 at the firewall (A) would prevent all legitimate SMTP traffic, not just Telnet. Shutting off the SMTP service (B) would disable all email functionality. Forcing username/password (C) might not be applicable for all inbound SMTP connections and wouldn't stop a Telnet client from connecting. Switching server software (D) is a drastic solution that doesn't solve the specific problem. Since Telnet is merely a client interacting with the SMTP service on port 25, blocking 'Telnet to port 25' without affecting other SMTP clients connecting to the same port is not directly achievable through these simple options, hence 'None of the above' is the best answer.

Concept tested: Network port blocking, SMTP protocol, firewall rules

Source: docs.microsoft.com/en-us/exchange/architecture/mail-flow/ports-and-protocols?view=exchserver-2019

Topics

#network security#firewall rules#SMTP#service hardening

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice