312-50V9 · Question #499
An NMAP scan of a server shows port 25 is open. What risk could this pose?
The correct answer is D. Active mail relay. Port 25 is the SMTP port, and an open or misconfigured SMTP service can be exploited as an open mail relay, allowing attackers to send spam or phishing email through the server.
Question
An NMAP scan of a server shows port 25 is open. What risk could this pose?
Options
- AOpen printer sharing
- BWeb portal data leak
- CClear text authentication
- DActive mail relay
How the community answered
(18 responses)- A6% (1)
- B6% (1)
- D89% (16)
Why each option
Port 25 is the SMTP port, and an open or misconfigured SMTP service can be exploited as an open mail relay, allowing attackers to send spam or phishing email through the server.
Open printer sharing uses ports such as 631 (IPP) or 9100, not port 25.
Web portal data leaks are associated with HTTP (port 80) and HTTPS (port 443), not the SMTP port.
While SMTP can transmit credentials in clear text, clear text authentication is not the primary or most notable risk associated with port 25 being open - unauthorized mail relay is the more critical and defining threat.
Port 25 is assigned to SMTP (Simple Mail Transfer Protocol) for email transmission. A server with port 25 open and SMTP improperly configured can operate as an open relay, meaning any external host can route mail through it - making it a launchpad for spam campaigns, phishing, and reputation damage to the server's IP.
Concept tested: SMTP port 25 open relay security risk
Source: https://datatracker.ietf.org/doc/html/rfc5321
Topics
Community Discussion
No community discussion yet for this question.