If you will block telnet on port 25 (smtp) to your mail server how do you expect getting or sending any emails? maybe via another mail server? :)
----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, April 13, 2002 12:16 AM Subject: Firewalls digest, Vol 1 #664 - 13 msgs > Send Firewalls mailing list submissions to > [EMAIL PROTECTED] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.gnac.net/mailman/listinfo/firewalls > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Firewalls digest..." > > > Today's Topics: > > 1. Re: PIX 515 (Daniel Crichton) > 2. Re: blocking telnet to port 25 (Chris Lee) > 3. Re: Proxy vs stateful... oh no, not again :) (Was: Re: > MigrationfromGauntlet 5 to Firewall-1) (Mikael Olsson) > 4. Problems with Watchguard HTTP-proxy ([EMAIL PROTECTED]) > 5. Re: blocking telnet to port 25 (Binaya D. Joshi) > 6. Re: blocking telnet to port 25 (Ron DuFresne) > 7. Re: PIX 515 (Georges J. JAHCHAN, P. Eng.) > 8. Re: Proxy vs stateful... oh no, not again :) (Was: Re: > MigrationfromGauntlet 5 to Firewall-1) (Paul D. Robertson) > 9. Re: blocking telnet to port 25 (Larry Chuon) > 10. Re: blocking telnet to port 25 (Ron DuFresne) > 11. RE: Annoying firewall (Matthew Carpenter) > > --__--__-- > > Message: 1 > From: "Daniel Crichton" <[EMAIL PROTECTED]> > To: Julian Gomez <[EMAIL PROTECTED]> > Date: Wed, 10 Apr 2002 10:25:43 +0100 > Subject: Re: PIX 515 > Cc: [EMAIL PROTECTED] > > On 10 Apr 2002 at 17:06, Julian Gomez wrote: > > > until I'm done doing my thing ;) Question - how do you bolt down Napster > > and its ilk ? I thought it uses a range of dynamic ports even tunneling > > through HTTP if it has to. > > For the older versions I don't think it would do HTTP tunneling, so I just > blocked the ports and server IPs it used. Here's the list of IPs and ports > I had blocked back then (in fact still do, although I also run nmap from > time to time across the network looking for anything out of the ordinary, > although my LAN is now much smaller and everyone knows I keep tabs on what > software they have installed!). > > 208.184.216.0/24:8875 > 208.178.163.61/32:4444 > 208.178.163.61/32:5555 > 208.178.163.61/32:6666 > 208.178.163.61/32:7777 > 208.178.163.61/32:8888 > 208.178.175.0/24:4444 > 208.178.175.0/24:5555 > 208.178.175.0/24:6666 > 208.178.175.0/24:7777 > 208.178.175.0/24:8888 > 208.184.216.0/24:4444 > 208.184.216.0/24:5555 > 208.184.216.0/24:6666 > 208.184.216.0/24:7777 > 208.184.216.0/24:8888 > 208.49.239.0/24:4444 > 208.49.239.0/24:5555 > 208.49.239.0/24:6666 > 208.49.239.0/24:7777 > 208.49.239.0/24:8888 > 0.0.0.0:6699 > > the last one being all outgoing connections on 6699. > > > Is this PIX specific ? Having never touched a PIX - I'm blurry at best. > > Nope, I just blocked the above which I found on a site somewhere when > digging around for ways to block Napster. If I had to do it again I'd > probably run something like Snort which allows you to look for specific > data in the packets to identify Napster (and other apps) no matter what > the destination IP or port and return the packets to close or deny the > connection to the local machine, then the responses from the real > destination would be ignored as the connection would already be closed. > Obviously to do this you would need Snort running on a machine that could > see all packets being passed from the inside to the internet so placing it > is fun in a switched network. > > Dan > --- > D.C. Crichton email: [EMAIL PROTECTED] > Senior Systems Analyst tel: +44 (0)121 706 6000 > Computer Manuals Ltd. fax: +44 (0)121 606 0477 > > Computer book info on the web: > http://computer-manuals.co.uk/ > Want to earn money? Join our affiliate network! > http://computer-manuals.co.uk/affiliate/ > > > --__--__-- > > Message: 2 > Date: Wed, 10 Apr 2002 17:43:57 +0800 > From: Chris Lee <[EMAIL PROTECTED]> > Organization: ipVx Sdn. Bhd. > To: [EMAIL PROTECTED] > Subject: Re: blocking telnet to port 25 > > If you want mail to through, you can't. > > Chris > > Sayed Peerzade wrote: > > > Hello, > > > > I'm systems engineer in an ISP handling mail servers, i also handle > > checkpoint. > > pls tell me how to block telnet to port 25, keeping normal telnet to > > perform normally on mail server (netscape messaging server running on > > solaris OS)) > > u can tell me method to block either in checkpoint or on mail server > > itself. > > Thanks and regards. > > > > Sayed K.Peerzade. > > > > _______________________________________________ > > Firewalls mailing list > > [EMAIL PROTECTED] > > http://lists.gnac.net/mailman/listinfo/firewalls > > > --__--__-- > > Message: 3 > Date: Wed, 10 Apr 2002 12:20:06 +0200 > From: Mikael Olsson <[EMAIL PROTECTED]> > Organization: Clavister AB > To: "Paul D. Robertson" <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED] > Subject: Re: Proxy vs stateful... oh no, not again :) (Was: Re: > MigrationfromGauntlet 5 to Firewall-1) > > > > "Paul D. Robertson" wrote: > > > > [some very interesting points, even though less than 1% of > > the firewall admins today actually care about it :/ ] > > We're getting into deep enough specifics that I realize I can't > counter this using general arguments. This would mean I'd have to > resort to discussing our stuff (which obviously I know best), but: > > 1. That sort of voids the topic > 2. It isn't nearly as fun :) > 3. I've already posted more clavister-specific stuff to this > (general-purpose) list than I'm comfortable doing :/ > (unless specifically asked to do so, of course) > > IOW: "Here, have a freebie point or two" :) > > > [on (pseudo) fragment reassembly] > > The issue becomes how much checking is someone doing with frags- > > as it becomes a pretty plausible DoS attack to send pseudo-initial > > frags in some instances > > If you're refering to simply filling up the available reassembly > slots, that will DoS fragment reassembly on a proxy equally well. > > An SPF on the other hand, given that it can make the assumption that > it can eat more kernel RAM in its in-kernel hooks (or doesn't even > have a thing called "kernel RAM". hehe :)), and that it knows that > it has to protect thousands of internal hosts, would potentially be > better at this than a general-purpose IP stack designed for local > reassembly only. > > No points to you for that one. Maybe half a point to me :) > > (Although I guess the key word there is "potentially", generally > speaking. I'm almost starting to see your point, given the > "general" state of affairs. &%@#�&#@&) > > > > On Wed, 10 Apr 2002, Mikael Olsson wrote: > > > And here's one more for proxies: most (all?) proxy firewalls ride > > > on top of full-fledged OSes, and when the proxy dies, it tends > > > to leave to OS somewhat unshielded :) > > > > Unshielded how? If the proxy code is all that's bound to sockets, > > the exposure window isn't all that horrific is it? > > Just a point of interest: > Isn't it fairly common for (commercial) proxy firewalls to apply > packet filtering on traffic to the firewall itself? > (At least stuff like the "kill raptor boxes by sending IP options > with 0 length" bug from a couple of years ago has led me to think so. > I could be wrong.) > > > > OTOH, the same is true for at least the majority of the SPFs. %&#%�. > > > > Darnit! No fair taking my points! ;) > > Suddenly turning around and taking the opposite view of one's > usual view is a great brain exercise, I've been told. > > ... and done in the middle of an entertaining argument, it also > tends to drive people nuts :) > > > Now, you either need to stop dropping points that we (I? ;)) haven't > finished arguing, or tell me where to pick up my cigar :) > > -- > Mikael Olsson, Clavister AB > Storgatan 12, Box 393, SE-891 28 �RNSK�LDSVIK, Sweden > Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 > Fax: +46 (0)660 122 50 WWW: http://www.clavister.com > > "Senex semper diu dormit" > > --__--__-- > > Message: 4 > Date: Wed, 10 Apr 2002 12:18:29 +0200 > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > Subject: Problems with Watchguard HTTP-proxy > Reply-To: [EMAIL PROTECTED] > > SGVsbG8hDQoNCkkgaGF2ZSBhIHByb2JsZW0gd2l0aCBhIFdhdGNoZ3VhcmQgRmlyZWJveCBJSSAv > IDUuMA0KSW4gbXkgY29uZmlndXJhdGlvbiBvZiB0aGUgSFRUUC1Qcm94eSBJIGFsbG93IGFwcGxp > Y2F0aW9uL3ppcCBidXQgZGVueSBKYXZhIEFwcGxldHMuIEV2ZXJ5IHppcCBmaWxlIGRvd25sb2Fk > ZWQgYnkgbWUgYW5kIGFueSBwZW9wbGUgZnJvbSBteSBzdWJuZXQgaXMgc3Rvb3BwZWQgYWZ0ZXIg > dGhlIGZpcnN0IHBhY2tldCBzbyBpdCBpcyBvbmx5IGEgZmV3IGJ5dGVzIGxhcmdlLiBUaGUgbG9n > IHNheXMgInVuc2FmZSBBcHBsZXQiIGJ1dCBldmVuIGFmdGVyIHNuaWZmaW5nIGluIGZyb250IG9m > IHRoZSBmaXJld2FsbCB0aGVyZSBpcyBubyBBcHBsZXQgUGFja2V0IGluIGZyb250IG9mIG15IEZp > cmV3YWxsLiBCeSBhbGxvd2luZyBKYXZhIEFwcGxldHMsIEkgZ2V0IHRoZSB3aG9sZSB6aXAtZmls > ZS4NCg0KQW55Ym9keSBrbm93IHRoaXMgcHJvYmxlbSA/IA0KDQp3aXRoIHJlZ2FyZHMNCg0Kbmls > cwoKCi0tClNNUyB6dSB0ZXVlcj8gNTAgU01TIGF1cyBkZW0gRS1NYWlsIE9mZmljZSB2ZXJzZW5k > ZW4gLSB1bmQgIGRhcyBNb25hdCBmdWVyIE1vbmF0IQpEYXp1IGdpYnQgZXMgbm9jaCAxMDAgTUIg > U3BlaWNoZXJwbGF0eiBmdWVyIGRpZSBNYWlsYm94LCA3MDAgTUIgdmlydHVlbGxlIEZlc3RwbGF0 > dGUKdW5kIDUwIEZheGUgcHJvIE1vbmF0ISBKZXR6dCBhbm1lbGRlbiB1bnRlciAgaHR0cDovL3d3 > dy5mcmVlbmV0LmRlL3RpcHAvcHJlbWl1bS9pbmRleC5odG1s > > > --__--__-- > > Message: 5 > Date: Wed, 10 Apr 2002 16:14:35 +0545 (NPT) > From: "Binaya D. Joshi" <[EMAIL PROTECTED]> > To: Chris Lee <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED] > Subject: Re: blocking telnet to port 25 > > blocking telnet to port 25 in mail server... huh ??? > > if so; may be this be the last mail u r be receiving :) > > > > B.D.Joshi > > > On Wed, 10 Apr 2002, Chris Lee wrote: > > > If you want mail to through, you can't. > > > > Chris > > > > Sayed Peerzade wrote: > > > > > Hello, > > > > > > I'm systems engineer in an ISP handling mail servers, i also handle > > > checkpoint. > > > pls tell me how to block telnet to port 25, keeping normal telnet to > > > perform normally on mail server (netscape messaging server running on > > > solaris OS)) > > > u can tell me method to block either in checkpoint or on mail server > > > itself. > > > Thanks and regards. > > > > > > Sayed K.Peerzade. > > > > > > _______________________________________________ > > > Firewalls mailing list > > > [EMAIL PROTECTED] > > > http://lists.gnac.net/mailman/listinfo/firewalls > > > > _______________________________________________ > > Firewalls mailing list > > [EMAIL PROTECTED] > > http://lists.gnac.net/mailman/listinfo/firewalls > > > > > --__--__-- > > Message: 6 > Date: Wed, 10 Apr 2002 05:44:01 -0500 (CDT) > From: Ron DuFresne <[EMAIL PROTECTED]> > To: "Binaya D. Joshi" <[EMAIL PROTECTED]> > Cc: Chris Lee <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> > Subject: Re: blocking telnet to port 25 > > On Wed, 10 Apr 2002, Binaya D. Joshi wrote: > > > blocking telnet to port 25 in mail server... huh ??? > > > > if so; may be this be the last mail u r be receiving :) > > > > Saves some folks that painful hitting of the delte key a few times a day > though, and certainly can limit workloads! > > > > > Thanks, > > Ron DuFresne > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "Cutting the space budget really restores my faith in humanity. It > eliminates dreams, goals, and ideals and lets us get straight to the > business of hate, debauchery, and self-annihilation." -- Johnny Hart > ***testing, only testing, and damn good at it too!*** > > OK, so you're a Ph.D. Just don't touch anything. > > > --__--__-- > > Message: 7 > Reply-To: "Georges J. JAHCHAN, P. Eng." <[EMAIL PROTECTED]> > From: "Georges J. JAHCHAN, P. Eng." <[EMAIL PROTECTED]> > To: "Firewalls List" <[EMAIL PROTECTED]> > Subject: Re: PIX 515 > Date: Wed, 10 Apr 2002 12:36:15 +0200 > > Watching traffic and blocking ports on firewalls is not the right solution. > Peer-to-peer apps tend to use an ever-changing variation of hosts and ports. > Keeping track of the connections is a time consuming manual process. > > If you want to manage how applications use your WAN bandwidth, you need a > PacketShaper. It auto-identifies the applications making it to your WAN and > allows you to set policies to guarantee, limit or block the WAN bandwidth > used by any class of traffic (sort of an application QoS). It acts on both > inbound and outbound traffic, and adds less than 2-msec of latency. It has > substantial layer-7 "smarts" to identify (and block or tame) Napster, > Gnutella and KaZaa amongst others. Check it out at: http://www.packeteer.com > > ----- Original Message ----- > From: "Daniel Crichton" <[EMAIL PROTECTED]> > To: "Julian Gomez" <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Wednesday, April 10, 2002 11:25 am > Subject: Re: PIX 515 > > > On 10 Apr 2002 at 17:06, Julian Gomez wrote: > > > until I'm done doing my thing ;) Question - how do you bolt down Napster > > and its ilk ? I thought it uses a range of dynamic ports even tunneling > > through HTTP if it has to. > > For the older versions I don't think it would do HTTP tunneling, so I just > blocked the ports and server IPs it used. Here's the list of IPs and ports > I had blocked back then (in fact still do, although I also run nmap from > time to time across the network looking for anything out of the ordinary, > although my LAN is now much smaller and everyone knows I keep tabs on what > software they have installed!). > > 208.184.216.0/24:8875 > 208.178.163.61/32:4444 > 208.178.163.61/32:5555 > 208.178.163.61/32:6666 > 208.178.163.61/32:7777 > 208.178.163.61/32:8888 > 208.178.175.0/24:4444 > 208.178.175.0/24:5555 > 208.178.175.0/24:6666 > 208.178.175.0/24:7777 > 208.178.175.0/24:8888 > 208.184.216.0/24:4444 > 208.184.216.0/24:5555 > 208.184.216.0/24:6666 > 208.184.216.0/24:7777 > 208.184.216.0/24:8888 > 208.49.239.0/24:4444 > 208.49.239.0/24:5555 > 208.49.239.0/24:6666 > 208.49.239.0/24:7777 > 208.49.239.0/24:8888 > 0.0.0.0:6699 > > the last one being all outgoing connections on 6699. > > > Is this PIX specific ? Having never touched a PIX - I'm blurry at best. > > Nope, I just blocked the above which I found on a site somewhere when > digging around for ways to block Napster. If I had to do it again I'd > probably run something like Snort which allows you to look for specific > data in the packets to identify Napster (and other apps) no matter what > the destination IP or port and return the packets to close or deny the > connection to the local machine, then the responses from the real > destination would be ignored as the connection would already be closed. > Obviously to do this you would need Snort running on a machine that could > see all packets being passed from the inside to the internet so placing it > is fun in a switched network. > > Dan > --- > D.C. Crichton email: [EMAIL PROTECTED] > Senior Systems Analyst tel: +44 (0)121 706 6000 > Computer Manuals Ltd. fax: +44 (0)121 606 0477 > > Computer book info on the web: > http://computer-manuals.co.uk/ > Want to earn money? Join our affiliate network! > http://computer-manuals.co.uk/affiliate/ > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > > > > --__--__-- > > Message: 8 > Date: Wed, 10 Apr 2002 08:14:43 -0400 (EDT) > From: "Paul D. Robertson" <[EMAIL PROTECTED]> > To: Mikael Olsson <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Subject: Re: Proxy vs stateful... oh no, not again :) (Was: Re: > MigrationfromGauntlet 5 to Firewall-1) > > On Wed, 10 Apr 2002, Mikael Olsson wrote: > > > (unless specifically asked to do so, of course) > > You're not getting off that easy! > > > If you're refering to simply filling up the available reassembly > > slots, that will DoS fragment reassembly on a proxy equally well. > > It depends on how much checking is done- there was a point in time where > at least one major PF wouldn't check sequence numbers before reassembling > or rejecting TCP frags! > > > An SPF on the other hand, given that it can make the assumption that > > it can eat more kernel RAM in its in-kernel hooks (or doesn't even > > have a thing called "kernel RAM". hehe :)), and that it knows that > > it has to protect thousands of internal hosts, would potentially be > > better at this than a general-purpose IP stack designed for local > > reassembly only. > > Everyone's stack that I could think of using for an ALG is tunable to the > same sort of extent and with all the appropriate performance tweaks > already in place. Before SYN floods were an attack, high-volume Web sites > experienced the same problem in daily use, and got stack writers at OS > vendors to crank out the appropriate code- so eating of kernel RAM is > equally appropriate. Right after we got them all fixing SYN floods, we > asked for frag handling to work the same way. > > (It sucks when your Web server won't take anymore connections, then you > figure out that the OS keeps socket state in a linear table, and it's > taking longer to walk the table and find the next open slot than the > timeout value on a socket- fixing the stack isn't something that > generally happens correctly on the first patch.) > > > > On Wed, 10 Apr 2002, Mikael Olsson wrote: > > > > And here's one more for proxies: most (all?) proxy firewalls ride > > > > on top of full-fledged OSes, and when the proxy dies, it tends > > > > to leave to OS somewhat unshielded :) > > > > > > Unshielded how? If the proxy code is all that's bound to sockets, > > > the exposure window isn't all that horrific is it? > > > > Just a point of interest: > > Isn't it fairly common for (commercial) proxy firewalls to apply > > packet filtering on traffic to the firewall itself? > > Now it's very common. But even without that, it's difficult to see a > scenerio where a proxy-based firewall that's set up correctly has any > different exposure than a packet filter (except for those filters that use > the kernel's IP forwarding mechanisms, but that'd be coming up with point > arguments.) > > > Now, you either need to stop dropping points that we (I? ;)) haven't > > finished arguing, or tell me where to pick up my cigar :) > > Feh! By my count, I'm at least 4 points ahead! Yes, we're using a > properly weighted scoring mechanism, the rules are I win. ;) > > I've only dropped the ones that will spiral into their own multi-megabyte > threads (Firewall as an IDS indeed!) > > Fortunately for you, I don't smoke, so you'll just be forwarding beers ;) > > Paul > -------------------------------------------------------------------------- --- > Paul D. Robertson "My statements in this message are personal opinions > [EMAIL PROTECTED] which may have no basis whatsoever in fact." > > > --__--__-- > > Message: 9 > From: "Larry Chuon" <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED], [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] > Subject: Re: blocking telnet to port 25 > Date: Wed, 10 Apr 2002 12:36:44 +0000 > > <html><div style='background-color:'><DIV> > <P>i think we're talking about stop mail relaying. pls check with your vendor for detail.</P></DIV> > <DIV></DIV> > <DIV></DIV> > <DIV></DIV> > <DIV></DIV> > <DIV></DIV>----Original Message Follows---- > <DIV></DIV>From: Ron DuFresne <[EMAIL PROTECTED]> > <DIV></DIV>To: "Binaya D. Joshi" <[EMAIL PROTECTED]> > <DIV></DIV>CC: Chris Lee <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> > <DIV></DIV>Subject: Re: blocking telnet to port 25 > <DIV></DIV>Date: Wed, 10 Apr 2002 05:44:01 -0500 (CDT) > <DIV></DIV>MIME-Version: 1.0 > <DIV></DIV>Received: from [209.182.195.144] by hotmail.com (3.2) with ESMTP id MHotMailBE7D631100B240043248D1B6C390F1170; Wed, 10 Apr 2002 03:46:49 -0700 > <DIV></DIV>Received: from lists.gnac.net (localhost [127.0.0.1])by lists.gnac.net (Postfix) with ESMTPid 9D64110898; Wed, 10 Apr 2002 03:46:01 -0700 (PDT) > <DIV></DIV>Received: from icicle.winternet.com (icicle.winternet.com [198.174.169.13])by lists.gnac.net (Postfix) with ESMTP id ECF8C10871for <[EMAIL PROTECTED]>; Wed, 10 Apr 2002 03:44:19 -0700 (PDT) > <DIV></DIV>Received: from tundra.winternet.com ([EMAIL PROTECTED] [198.174.169.11])by icicle.winternet.com (8.12.1/8.12.1/sci) with ESMTP id g3AAi71M024994;Wed, 10 Apr 2002 05:44:08 -0500 (CDT)SMTP "HELO" (ESMTP) greeting from tundra.winternet.comBut _really_ from :: [EMAIL PROTECTED] [198.174.169.11]SMTP "MAIL From:" = [EMAIL PROTECTED] (Ron DuFresne)SMTP "RCPT To:" = We have no RCPT > <DIV></DIV>From [EMAIL PROTECTED] Wed, 10 Apr 2002 03:48:23 -0700 > <DIV></DIV>Delivered-To: [EMAIL PROTECTED] > <DIV></DIV>In-Reply-To: <[EMAIL PROTECTED]> > <DIV></DIV>Message-ID: <[EMAIL PROTECTED]> > <DIV></DIV>X-Admonition: The Good thing about potential is > <DIV></DIV>X-Admonition2: as long as you do nothing > <DIV></DIV>X-Admonition3: you'll always have it. > <DIV></DIV>Sender: [EMAIL PROTECTED] > <DIV></DIV>Errors-To: [EMAIL PROTECTED] > <DIV></DIV>X-BeenThere: [EMAIL PROTECTED] > <DIV></DIV>X-Mailman-Version: 2.0.5 > <DIV></DIV>Precedence: bulk > <DIV></DIV>List-Help: <mailto:[EMAIL PROTECTED]?subject=help> > <DIV></DIV>List-Post: <mailto:[EMAIL PROTECTED]> > <DIV></DIV>List-Subscribe: <HTTP: firewalls listinfo mailman lists.gnac.net>,<mailto:[EMAIL PROTECTED]?subject=subscribe> > <DIV></DIV>List-Id: Firewalls <FIREWALLS.LISTS.GNAC.NET> > <DIV></DIV>List-Unsubscribe: <HTTP: firewalls listinfo mailman lists.gnac.net>,<mailto:[EMAIL PROTECTED]?subject=unsubscribe > > <DIV></DIV>List-Archive: <HTTP: firewalls lists.gnac.net pipermail /> > <DIV></DIV> > <DIV></DIV>On Wed, 10 Apr 2002, Binaya D. Joshi wrote: > <DIV></DIV> > <DIV></DIV>> blocking telnet to port 25 in mail server... huh ??? > <DIV></DIV>> > <DIV></DIV>> if so; may be this be the last mail u r be receiving :) > <DIV></DIV>> > <DIV></DIV> > <DIV></DIV>Saves some folks that painful hitting of the delte key a few times a day > <DIV></DIV>though, and certainly can limit workloads! > <DIV></DIV> > <DIV></DIV> > <DIV></DIV> > <DIV></DIV> > <DIV></DIV>Thanks, > <DIV></DIV> > <DIV></DIV>Ron DuFresne > <DIV></DIV>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > <DIV></DIV>"Cutting the space budget really restores my faith in humanity. It > <DIV></DIV>eliminates dreams, goals, and ideals and lets us get straight to the > <DIV></DIV>business of hate, debauchery, and self-annihilation." -- Johnny Hart > <DIV></DIV>***testing, only testing, and damn good at it too!*** > <DIV></DIV> > <DIV></DIV>OK, so you're a Ph.D. Just don't touch anything. > <DIV></DIV> > <DIV></DIV>_______________________________________________ > <DIV></DIV>Firewalls mailing list > <DIV></DIV>[EMAIL PROTECTED] > <DIV></DIV>http://lists.gnac.net/mailman/listinfo/firewalls > <DIV></DIV></mailto:[EMAIL PROTECTED]?subject=unsubscribe></m ailto:[EMAIL PROTECTED]?subject=subscribe></mailto:firewalls@; lists.gnac.net></mailto:[EMAIL PROTECTED]?subject=help></div> <br clear=all><hr>MSN Photos is the easiest way to share and print your photos: <a href='http://g.msn.com/1HM505401/15'>Click Here</a><br></html> > > --__--__-- > > Message: 10 > Date: Wed, 10 Apr 2002 08:00:20 -0500 (CDT) > From: Ron DuFresne <[EMAIL PROTECTED]> > To: Larry Chuon <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED], <[EMAIL PROTECTED]>, > <[EMAIL PROTECTED]> > Subject: Re: blocking telnet to port 25 > > > > No, that's not what's been asked nor discussed in this requestors thread. > Now this ight have been what he was really meaning to ask, but, it's not > what he asked for sure. > > Thanks, > > Ron DuFresne > > On Wed, 10 Apr 2002, Larry Chuon wrote: > > > > > i think we're talking about stop mail relaying. pls check with your > > vendor for detail. > > > > > [poor article quoting deleted] > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > "Cutting the space budget really restores my faith in humanity. It > eliminates dreams, goals, and ideals and lets us get straight to the > business of hate, debauchery, and self-annihilation." -- Johnny Hart > ***testing, only testing, and damn good at it too!*** > > OK, so you're a Ph.D. Just don't touch anything. > > > --__--__-- > > Message: 11 > From: Matthew Carpenter <[EMAIL PROTECTED]> > To: 'Mikael Olsson' <[EMAIL PROTECTED]>, > "Laura A. Robinson" <[EMAIL PROTECTED]> > Cc: [EMAIL PROTECTED] > Subject: RE: Annoying firewall > Date: Wed, 10 Apr 2002 08:36:23 -0500 > > This message is in MIME format. Since your mail reader does not understand > this format, some or all of this message may not be legible. > > ------_=_NextPart_001_01C1E094.B4C8E190 > Content-Type: text/plain; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > Dear gods that was not necessary...yuck > > -----Original Message----- > From: Mikael Olsson [mailto:[EMAIL PROTECTED]]=20 > Sent: Wednesday, April 10, 2002 3:42 AM > To: Laura A. Robinson > Cc: [EMAIL PROTECTED] > Subject: Re: Annoying firewall > > > > "Laura A. Robinson" wrote: > >=20 > > Having received e-mail that makes me think that perhaps many who = > subscribe > > to this list are unfamiliar with the term "troll" and prefer to = > assume > that > > I'm making some sort of personal insult, I offer the following links = > for > > edification: > > [...] > > Yeah, yeah, but I still find it immensely more gratifying to > picture this: http://c0ffee.badf00d.org/humor/usenet-troll/ > whenever I come across one of those. > > :) > > --=20 > Mikael Olsson, Clavister AB > Storgatan 12, Box 393, SE-891 28 =D6RNSK=D6LDSVIK, Sweden > Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 > Fax: +46 (0)660 122 50 WWW: http://www.clavister.com > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > > ------_=_NextPart_001_01C1E094.B4C8E190 > Content-Type: text/html; > charset="iso-8859-1" > Content-Transfer-Encoding: quoted-printable > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> > <HTML> > <HEAD> > <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = > charset=3Diso-8859-1"> > <META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version = > 5.5.2653.12"> > <TITLE>RE: Annoying firewall</TITLE> > </HEAD> > <BODY> > > <P><FONT SIZE=3D2>Dear gods that was not necessary...yuck</FONT> > </P> > > <P><FONT SIZE=3D2>-----Original Message-----</FONT> > <BR><FONT SIZE=3D2>From: Mikael Olsson [<A = > HREF=3D"mailto:[EMAIL PROTECTED]";>mailto:mikael.olsson@clavist= > er.com</A>] </FONT> > <BR><FONT SIZE=3D2>Sent: Wednesday, April 10, 2002 3:42 AM</FONT> > <BR><FONT SIZE=3D2>To: Laura A. Robinson</FONT> > <BR><FONT SIZE=3D2>Cc: [EMAIL PROTECTED]</FONT> > <BR><FONT SIZE=3D2>Subject: Re: Annoying firewall</FONT> > </P> > <BR> > <BR> > > <P><FONT SIZE=3D2>"Laura A. Robinson" wrote:</FONT> > <BR><FONT SIZE=3D2>> </FONT> > <BR><FONT SIZE=3D2>> Having received e-mail that makes me think that = > perhaps many who subscribe</FONT> > <BR><FONT SIZE=3D2>> to this list are unfamiliar with the term = > "troll" and prefer to assume that</FONT> > <BR><FONT SIZE=3D2>> I'm making some sort of personal insult, I = > offer the following links for</FONT> > <BR><FONT SIZE=3D2>> edification:</FONT> > <BR><FONT SIZE=3D2>> [...]</FONT> > </P> > > <P><FONT SIZE=3D2>Yeah, yeah, but I still find it immensely more = > gratifying to</FONT> > <BR><FONT SIZE=3D2>picture this: <A = > HREF=3D"http://c0ffee.badf00d.org/humor/usenet-troll/"; = > TARGET=3D"_blank">http://c0ffee.badf00d.org/humor/usenet-troll/</A></FON= > T> > <BR><FONT SIZE=3D2>whenever I come across one of those.</FONT> > </P> > > <P><FONT SIZE=3D2>:)</FONT> > </P> > > <P><FONT SIZE=3D2>-- </FONT> > <BR><FONT SIZE=3D2>Mikael Olsson, Clavister AB</FONT> > <BR><FONT SIZE=3D2>Storgatan 12, Box 393, SE-891 28 =D6RNSK=D6LDSVIK, = > Sweden</FONT> > <BR><FONT SIZE=3D2>Phone: +46 (0)660 29 92 00 Mobile: +46 = > (0)70 26 222 05</FONT> > <BR><FONT SIZE=3D2>Fax: +46 (0)660 122 = > 50 WWW: <A = > HREF=3D"http://www.clavister.com"; = > TARGET=3D"_blank">http://www.clavister.com</A></FONT> > <BR><FONT = > SIZE=3D2>_______________________________________________</FONT> > <BR><FONT SIZE=3D2>Firewalls mailing list</FONT> > <BR><FONT SIZE=3D2>[EMAIL PROTECTED]</FONT> > <BR><FONT SIZE=3D2><A = > HREF=3D"http://lists.gnac.net/mailman/listinfo/firewalls"; = > TARGET=3D"_blank">http://lists.gnac.net/mailman/listinfo/firewalls</A></= > FONT> > </P> > > </BODY> > </HTML> > ------_=_NextPart_001_01C1E094.B4C8E190-- > > > --__--__-- > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls > > > End of Firewalls Digest _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
