-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <810190912069457987532d87bae82...@charliecompaq>, Charlie <[email protected]> writes
>I was wondering how exactly ISP's - that don't require authentication - >manage to restrict access to their customers only. They use ACL conditions that check the IP address is in range >I know that Exim can restrict access by IP address, Exactly so >but IP addresses can be >spoofed For two way TCP conversations (as needed for email transfer) IP addresses cannot be spoofed unless the spoofer can sniff the traffic as it travels between the endpoints (not a very interesting attack scenario) or the mail server stack is sub-standard and does not use truly random initial sequence numbers (in which case, upgrade to something that was shipped this century) >(and very often are spoofed by automated scanners which search for >SMTP servers that are open in this way). Scanners can operate (no idea how many do in practice) by just using SYN packets and then causing the SYN-ACK to go to a third party whose machine state can be tested remotely (usually because it allocates sequential identifiers to RST packets). But all this scanning activity does is to detect the TCP/25 listener, it doesn't involve any forging of email traffic. - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBSuW0z5oAxkTY1oPiEQKKEQCgiu7JaG3m5btuZWocTJcnCJr2VPIAoPGH 0DHZE++FpUbAa90SKtbwBOUK =Hdd1 -----END PGP SIGNATURE----- -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
