so is there any problems at all with rejecting ident requests?
(not just smtp, anything else as well?)
The advantage of dropping an unwanted packet over rejecting it
is that the originator has to wait for the delay, I.E if you drop
the packet they don't know if your server is up down or if the
At the moment I just let then fall thru until they hit the policy, which
is DROP,
Do you sometimes find that your outbound mail queue is rather full?
Had a problem a while back with this, the outbound mail queue on a
sendmail server hiding behind a firewall nearly overflowed the disk.
On Sun, 2002-07-28 at 16:42, Peter Rundle wrote:
The fact that you didn't actually reply to the ident but just rejected
it seems to be enough for the server to go ahead with the smtp.
so is there any problems at all with rejecting ident requests?
(not just smtp, anything else as well?)
if
]
Sent: Sunday, July 28, 2002 8:01 PM
Subject: Re: [SLUG] Firewalls ident service
On Sun, 2002-07-28 at 16:42, Peter Rundle wrote:
The fact that you didn't actually reply to the ident but just rejected
it seems to be enough for the server to go ahead with the smtp.
so is there any problems
On Sun, 28 Jul 2002, Ben de Luca wrote:
I think the reason people dont send reject is that it returns a rejection
reply, Your going to increase your bandwith charges and some people can
relay a DOS of you by faking the orginators address.
Why would you get a rejection reply from a site that
?
- Original Message -
From: Howard Lowndes [EMAIL PROTECTED]
To: Ben de Luca [EMAIL PROTECTED]
Cc: slug [EMAIL PROTECTED]
Sent: Monday, July 29, 2002 3:40 AM
Subject: Re: [SLUG] Firewalls ident service
On Sun, 28 Jul 2002, Ben de Luca wrote:
I think the reason people dont send reject
On Tue, 2002-06-25 at 20:33, Andy Eager wrote:
I know this question is open to debate, but is it wise or desireable to
offer auth services through a firewall?
I gather it is only used when sending mail by the remote smtpd to
identify the sender. At the moment I reject incomming packets
On 28 Jul 2002, David Fitch wrote:
On Tue, 2002-06-25 at 20:33, Andy Eager wrote:
I know this question is open to debate, but is it wise or desireable to
offer auth services through a firewall?
I gather it is only used when sending mail by the remote smtpd to
identify the sender. At
Hi all,
I know this question is open to debate, but is it wise or desireable to
offer auth services through a firewall?
I gather it is only used when sending mail by the remote smtpd to
identify the sender. At the moment I reject incomming packets bound for
port 113 with a tcp-reset.
On