I think he was suggesting an alternative method (other than SMTP) to exchange
email between MS Exchange servers.

However, I "assume" (dangerous to assume, but oh well) that your original
request was to keep people from manually telnetting to port 25 and manually
trying email hacks or creating emails, etc. Otherwise the first response is
correct: if you close port 25 (the default SMTP port) you will not receive
email anymore.

Back to the assumption, I know from experience that the Cisco Intrusion
Detection on the Firewall Feature set was able to detect me telnetting to my
email server's port 25 (and killing my connection instantly) and an email
server shoveling email to port 25 of the same server (allowing it). While
curious, I never found out what it was doing, but I am certain it was some
difference in packets (TCP flags, source port ???) that triggered this.
Perhaps someone can fill in the blank?

Joe
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Romulo Cholewa
Sent: Thursday, April 25, 2002 4:31 AM
To: 'Nick Simicich'; [EMAIL PROTECTED];
[EMAIL PROTECTED]; 'Clifford Thurber'
Cc: 'Binaya D. Joshi'; [EMAIL PROTECTED]; 'Chris Lee'
Subject: RE: blocking telnet to port 25


Hi Nick,

I did not understand why you said that. I mentioned Exchange as an
example, not as an obligation.

Anyway, would you enlighten me about your statement? I have Exchange
installed at at least 10 customers, and all of them work just fine.
Maybe the Exchange installations you saw were not correctly configured.

Regards,


Romulo M. Cholewa
http://www.rmc.eti.br
PGP Keys Available @ website.

   "Without facts, the decision cannot be made logically.
      You must rely on your human intuition." -- Spock



|-----Original Message-----
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED]] On Behalf Of Nick Simicich
|Sent: Thursday, April 25, 2002 1:07 AM
|To: [EMAIL PROTECTED];
|[EMAIL PROTECTED]; 'Clifford Thurber'
|Cc: 'Binaya D. Joshi'; [EMAIL PROTECTED]; 'Chris Lee'
|Subject: RE: blocking telnet to port 25
|
|
|At 09:54 AM 2002-04-24 -0300, Romulo Cholewa wrote:
|>You can use a proprietary email server that relies on RPC connections, and
|>force SMTP authentication (ex. Exchange).
|>
|>This will provide you with the results I think you need.
|
|What, the inability to talk to anyone in the world who is not
|running exchange?
|
|>Romulo M. Cholewa
|>http://www.rmc.eti.br
|>PGP Keys Available @ website.
|>
|>      "If a technology does not seem like magic, that's
|>                because it's not good enough."
|>
|>
|>
|>
|>|-----Original Message-----
|>|From: [EMAIL PROTECTED]
|>|[mailto:[EMAIL PROTECTED]] On Behalf Of
|>|[EMAIL PROTECTED]
|>|Sent: Wednesday, April 24, 2002 2:32 AM
|>|To: Clifford Thurber
|>|Cc: Binaya D. Joshi; [EMAIL PROTECTED]; Chris Lee
|>|Subject: Re: blocking telnet to port 25
|>|
|>|
|>|
|>|
|>|could you fingerprint the source port?
|>|
|>|-C
|>|
|>|=-=-=-=-=-=-=-=-=-=-=-=-=     |
|>|0100111001101111011100110110010101111001
|>|Christopher Regenye |
|>|System Services     |  I know you believe you understand what you
|>|PR Newswire         |  think I said, but I am not sure you realize that
|>|christopher_regenye |  what you heard is not what I meant.
|>|     @prnewswire.com     |
|>|=-=-=-=-=-=-=-=-=-=-=-=-=     |
|>|0111010000100000010110010110111101110101
|>|
|>|
|>|
|>|
|>|
|>|Clifford Thurber <cthurber@edisonschools.com>
|>|04/10/02 10:56 AM
|>|
|>|To:      "Binaya D. Joshi" <[EMAIL PROTECTED]>, Chris Lee <[EMAIL PROTECTED]>
|>|cc:      [EMAIL PROTECTED], (bcc: Christopher Regenye/PR Newswire)
|>|Subject: Re: blocking telnet to port 25
|>|
|>|
|>|
|>|
|>|
|>|You can't block telnet to port 25; you can either block port 25
|>|or port 23, but that's it. SMTP is a mail protocol; it does not
|>|care how the connection to the IP/port pair was established as
|>|long as it follows the SMTP protocol (i.e. issues Helo, Mail
|>|From:, Rcpt To:, etc.)
|>|
|>|
|>|At 04:14 PM 4/10/2002 +0545, Binaya D. Joshi wrote:
|>|>blocking telnet to port 25 in mail server... huh ???
|>|>
|>|>    if so; may be this be the last mail u r be receiving :)
|>|>
|>|>
|>|>
|>|>B.D.Joshi
|>|>
|>|>
|>|>On Wed, 10 Apr 2002, Chris Lee wrote:
|>|>
|>|> > If you want mail to go through, you can't.
|>|> >
|>|> > Chris
|>|> >
|>|> > Sayed Peerzade wrote:
|>|> >
|>|> > > Hello,
|>|> > >
|>|> > > I'm a systems engineer in an ISP handling mail servers; I also
|>|> > > handle Checkpoint. Please tell me how to block telnet to port 25,
|>|> > > keeping normal telnet performing normally on the mail server
|>|> > > (Netscape Messaging Server running on Solaris OS).
|>|> > > You can tell me a method to block either in Checkpoint or on the
|>|> > > mail server itself.
|>|> > > Thanks and regards.
|>|> > >
|>|> > > Sayed K.Peerzade.
|>|> > >
|>|> > > _______________________________________________
|>|> > > Firewalls mailing list
|>|> > > [EMAIL PROTECTED]
|>|> > > http://lists.gnac.net/mailman/listinfo/firewalls
|
|--
|War is an ugly thing, but it is not the ugliest of things. The decayed and
|degraded state of moral and patriotic feeling which thinks that nothing is
|worth war is much worse. A man who has nothing for which he is willing to
|fight, nothing he cares about more than his own personal safety, is a
|miserable creature who has no chance of being free, unless made so by the
|exertions of better men than himself. -- John Stuart Mill
|Nick Simicich - [EMAIL PROTECTED]
|
|
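
Added example, not part of the original thread and not a description of what any Cisco or Check Point product does: a sketch of why a typed session and an MTA session carry the same SMTP dialogue yet can still differ at the packet level. The thresholds, trait names, host names and sample sessions are all assumptions constructed for illustration.

```python
# Thresholds and traits below are assumptions chosen for this sketch.
MAX_SECONDS_PER_COMMAND = 1.0
EDIT_BYTES = {0x08, 0x7F, 0xFF}   # backspace, DEL, telnet IAC

def commands(segments):
    """Reassemble client-to-server payloads into SMTP command lines."""
    stream = b"".join(payload for _, payload in segments)
    return [l.decode("ascii", "replace") for l in stream.split(b"\r\n") if l]

def interactive_signals(segments):
    """List packet-level traits suggesting a person typing, not an MTA."""
    if not segments:
        return []
    signals = []
    partial = sum(1 for _, p in segments if not p.endswith(b"\r\n"))
    if partial > len(segments) / 2:
        signals.append("commands split across segments")
    if any(b in EDIT_BYTES for _, p in segments for b in p):
        signals.append("editing or telnet control bytes")
    # Catches line-at-a-time typing too, where every segment is a full line.
    elapsed = segments[-1][0] - segments[0][0]
    if elapsed / max(len(commands(segments)) - 1, 1) > MAX_SECONDS_PER_COMMAND:
        signals.append("slow pace between commands")
    return signals

# Constructed sample data: (seconds since connect, payload) per TCP segment.
LINES = [b"EHLO mx.example.net\r\n", b"MAIL FROM:<a@example.net>\r\n",
         b"RCPT TO:<b@example.org>\r\n", b"QUIT\r\n"]
MTA_SESSION = [(i * 0.04, line) for i, line in enumerate(LINES)]

def typed(lines, per_key=0.25):
    """Constructed character-at-a-time session carrying the same commands."""
    t, out = 0.0, []
    for line in lines:
        for piece in [line[i:i + 1] for i in range(len(line) - 2)] + [b"\r\n"]:
            out.append((t, piece))
            t += per_key
    return out

TYPED_SESSION = typed(LINES)

if __name__ == "__main__":
    print(commands(MTA_SESSION) == commands(TYPED_SESSION))  # same dialogue
    print(interactive_signals(MTA_SESSION))
    print(interactive_signals(TYPED_SESSION))
```

These traits are weak signals: a slow or high-latency MTA can trip the pace check, and a scripted client shows none of them, so they suit logging and alerting better than a blocking rule.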
