Hello, <talking about getting mails of the firewall with smtp>
> Yep. IMO, it's much more important to forbid SMTP connections to the > mail server, Accepting Mail via SMTP is totally unconnected to sending Mail via SMTP. You dont need to run an SMTPd to send SMTP Mails. > for example by using UUCP to an outside relay host. That > way you can safely use sendmail. (Sending mails via UUCP to sendmail is NOT more secure than sending via SMTP. In both cases the Headers are read by sendmail and can cause Buffer overruns.) I dont see any win by using uucp to your Mail Relay instead of SMTP (in terms of security). I dont see any additional Protection from running "rmail" from UUCP vs. "in.smtpd" from SMTP. Which Point do u think makes UUCP more secure? UUCP is a big old monster with horrible SUID/word writeable Directories and a lot of configs you can do wrong. For a simple firewall we should avoid it. Of course it can be helpfuff for batched transfers to a mail relay, but nowadays very little ISPs actively support UUCP. And to the trusted Inside, accepting SMTP is the best Solution, since this will support all internal Mail Systems like MS, Netscape, Notes, MHS,... and all free Clients (Eudora, Netscape, IE, Mutt) Accepting Mails via SMTP from the Internet is often Mandatory (if your ISP can't do otherwise). (And if your ISP supports POP3 fetchmail will deliver the Internet Mail via SMTP anyway). The need to filter the Headers is the same, if you get the mail via SMTP or rmail. Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +497257930613 BE5-RIPE (O____O) If privacy is outlawed only Outlaws have privacy -- E-mail the word "unsubscribe" to [EMAIL PROTECTED] TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble? e-mail to [EMAIL PROTECTED] .
