34

I have set up a working SMTP relay together with MailScanner. This SMTP relay is not — and will not be — able to relay email from the outside, only local email.

Is it possible to send a malicious email with the terminal? I have googled around but could not find anything that could answer my question. For example, I want to use:

echo "{malicious-string}" | mail name@email.com

What could the "{malicious-string}" be?

Orphans
  • 1,404
  • 17
  • 26

2 Answers2

57

Use the EICAR test virus. http://www.eicar.org/86-0-Intended-use.html

echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' | mail 

Edit: Be sure to read Michael Hampton's as well!

Sven
  • 97,248
  • 13
  • 177
  • 225
  • 5
    Ineed this worked, but I discovered that my Palo Alto firewall did take care of it instead of mailscanner. Seems like mailscanner did not catch it. Thanks anyway for your answer – Orphans Sep 14 '16 at 08:58
  • 7
    It might have detected it, if it had actually been in a file attachment. e.g. `echo -n 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > ducklin.html` – Michael Hampton Sep 14 '16 at 22:10
  • @MichaelHampton My firewall did catch it also. So I had to psychically bypass the fw – Orphans Sep 16 '16 at 06:42
29

To be sure, you should use the EICAR test virus, and attach it to the email, rather than simply putting it in the body.

echo -n 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > ducklin.docx
echo "Here is 10 million dollars" | mailx -a ducklin.docx user@example.com
Michael Hampton
  • 237,123
  • 42
  • 477
  • 940