Subject: Re: How can I prevent outside users from telnet directly to the postfix server?
From: David Terrell (dbtmeat.net)
Date: Mon Oct 09 2000 - 18:01:42 CDT


On Tue, Oct 10, 2000 at 09:35:46AM +1100, Ben Elliston wrote:
> I *could* add telnet options negotiation support to the Postfix SMTP
> server, and thus detect that the client is using telnet. But the
> Postfix SMTP server program is already much too large.
>
> I did this to sendmail 8.7.x. It worked great, but as Eric Allman pointed
> out, it doesn't stop people for long. A 5 line Tcl script could be written
> to attack your SMTP server instead, bypassing the Telnet protocol detection.

Especially since most telnet clients I know of don't send telnet negotiation
to ports other than 23.

-- 
David Terrell             | "War is peace, 
Prime Minister, Nebcorp   | freedom is slavery, 
dbtmeat.net              | ignorance is strength 
http://wwn.nebcorp.com/   | Dishes are clean." - Chris Fester
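
An added illustration, not code from this thread or from Postfix or sendmail: a minimal detector for telnet option negotiation (RFC 854 command bytes), run over constructed byte strings. The function names and sample data are assumptions; the point is that a client which sends no negotiation is indistinguishable from any other SMTP client, so the check proves little.

```python
# Telnet command bytes from RFC 854.
IAC, SB, SE = 255, 250, 240
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}


def split_telnet(data: bytes):
    """Separate telnet option negotiation from payload bytes.

    Returns (commands, payload): commands is a list of (verb, option)
    tuples, payload is the stream with telnet sequences removed.
    """
    commands, payload = [], bytearray()
    i, n = 0, len(data)
    while i < n:
        if data[i] != IAC:
            payload.append(data[i])
            i += 1
        elif i + 1 >= n:
            break                      # truncated IAC at end of buffer
        elif data[i + 1] == IAC:
            payload.append(IAC)        # escaped literal 0xFF
            i += 2
        elif data[i + 1] in NEGOTIATION:
            if i + 2 >= n:
                break                  # option byte not received yet
            commands.append((NEGOTIATION[data[i + 1]], data[i + 2]))
            i += 3
        elif data[i + 1] == SB:
            end = data.find(bytes([IAC, SE]), i + 3)
            if end == -1:
                break                  # subnegotiation not terminated
            commands.append(("SB", data[i + 2]))
            i = end + 2
        else:
            i += 2                     # two-byte command such as NOP
    return commands, bytes(payload)


def is_telnet_client(first_bytes: bytes) -> bool:
    """True only if the peer sent at least one negotiation sequence."""
    return bool(split_telnet(first_bytes)[0])


# Constructed samples: a client that negotiates, and one that does not
# (a telnet client on a port other than 23, or any script, looks like this).
NEGOTIATING = bytes([255, 251, 24, 255, 253, 3]) + b"HELO example.test\r\n"
PLAIN = b"HELO example.test\r\n"
```
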