On Aug 24, 4:00pm, "Little, Craig \(SSI-SIAP-NP5\)" wrote:
} Subject: RE: SMTP servers
} Given that you can detect the telnet options, is there any way of
} setting up a 'telnet-smtp' service in FW-1? Admittedly, not all
} telnet connections to SMTP are intrusion attempts, but I can't think
} of anyone I want to give telnet access to my mail server (apart from
} myself). Nine out of ten telnet connections WILL be someone trying to
} get information to prepare an attack. I'd like to block these
} connections if possible, and I'm sure most admins would, if not be
} able to report on them...
I frequently point a telnet client at SMTP servers that have been
hijacked by spammers in an attempt to send us junk email. One reason
that I do this is to get a look at the host name in the SMTP greeting
so that I know where to send a complaint about the open relay. I
may also look for a working mailbox if my initial message to Postmaster
bounces.
If I'm not able to send a heads up message to the owner of the machine
in question, due to his paranoia or any other reason, I generally will
send a complaint to the abuse address of the upstream connection, which
may well pull the plug ...
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
