> -----Ursprungligt meddelande-----
> Fr�n: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
> Skickat: den 5 april 1999 23:24
> Till: '[EMAIL PROTECTED]'
> Kopia: Igor I. Shulz
> �mne: Re: is 113 dangerous?
>
> On 4 Apr 99, at 19:34, Igor I. Shulz wrote:
>
> > Should I drop TCP-packets on 113 (auth) incoming from internet? I
> > have many such packets dropped in syslog and I'm worried am I correct
> > by dropping them?
>
> We typically see these when we fetch mail from remote POP servers.
> We have no problem reports from our users indicating that dropping them
> is causing any problem.
>
>
> David G
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
>
>
[Skough Axel IT-S] I want to comment this too.
We are using SMTP servers here for outbound mail, some SMTP sites
sends us TCP packets on 113 when we connect to them. This is not usual, but
appears.
If we drop such packets in our firewall then no RFC 821 session is
established by the remote SMTP site. I find this strategy to protect a site
somewhat cumbersome, it took a lot of time until I understood that it was
the remote SMTP site which sent us a TCP packet on 113 and that I must not
drop such packets if I wanted the SMTP mail session to be performed. So I
have turned on the port 113 for our SMTP mail and our firewall address (as
we use NAT to protect our internals).
Rgds / Axel Skough, Information Technology, Statistics Sweden
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
