Ronneil,
#I've noticed that when I telnet to any mail servers on port 25, I can send
#email to anyone using SMTP commands. Is there a way to stop this?
SMTP servers communicate to each other with those same commands so you
do not want to disable all of them. There are some commands like VRFY or
EXPN that you may not want to allow. You do need to allow the basic SMTP
commands like HELO, EHLO, DATA, RCPT TO, MAIL FROM, ect. If you look in
your maillog, you will sometimes find error messages that say something
along the lines of 'this is a human and not a daemon.' As long as you have
anti-relay rules implemented (Sendmail) or the equivelent for your SMTP
server to prevent spam you should be fine.
Sendmail specific stuff:
The VRFY command causes Sendmail to verify that it will accept an
address for delivery. It gives the login name and full name when the login
name is given. This helps if you want to find login names to brute force
passwords on.
The EXPN command shows all of the members of a mailing list. If I
can guess an internal mail list name then I can get the login name for all
of the people on this list with the EXPN command.
For sendmail Version 8, these commands can be disabled with the p
option (PrivacyOption). This setting disables EXPN and VRFY, requires
other sites to identify themselves (HELO hostname.domain.com), and limits
access to the mail queue directory (/var/spool/mqueue or wherever you
placed it).
Check out these references on Sendmail.
www.sendmail.org
Sendmail 2nd Edition, O'Reilly Books
Regards,
Jeffery Gieser
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
