In our particular case, we had mixed mailers (not all used root ports)
so I couldn't just refuse the message. What I did, though, was tack on
a line:
Comments: Message received over unauthenticated port.
Unfortunately, the users howled that this *looked* bad, and made our
company *look* bad. Apparently they'd rather have the hole present than
"look bad", so when we converted to sendmail the "feature" of
being able to telnet a forged message returned.
Does anybody else see this as a solution, or if not a solution then
perhaps a step towards one? I also think verification of a sitename on
a helo command would be nice, to catch obvious liars. (Yes I once
implemented that too, and caught flak for that too!)
Rick
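
The tagging approach described in the message above, as an added example that is not part of the original post. It assumes "root ports" means client source ports below 1024 (which only root can bind on Unix); the function names, the second Comments wording and the sample hosts are hypothetical, and the resolver is passed in so the sketch runs offline.

```python
PRIVILEGED_PORT_LIMIT = 1024  # Unix: only root may bind source ports below this
UNAUTH_COMMENT = "Comments: Message received over unauthenticated port."  # text from the post

def _norm(name):
    # Compare host names case-insensitively and without a trailing dot.
    return name.strip().rstrip(".").lower()

def helo_matches(helo_name, peer_ip, reverse_lookup):
    """True if the HELO name is one of the names the resolver returns for peer_ip."""
    claimed = _norm(helo_name)
    if not claimed:
        return False
    return claimed in {_norm(n) for n in reverse_lookup(peer_ip)}

def annotate(message, peer_ip, peer_port, helo_name, reverse_lookup):
    """Return the message with advisory header lines added; it never rejects mail."""
    notes = []
    if peer_port >= PRIVILEGED_PORT_LIMIT:
        notes.append(UNAUTH_COMMENT)
    if not helo_matches(helo_name, peer_ip, reverse_lookup):
        # %r escapes CR/LF, so a hostile HELO string cannot inject extra headers.
        notes.append("Comments: HELO name %r not verified for %s." % (helo_name, peer_ip))
    if not notes:
        return message
    # Append the notes to the end of the header block, before the blank line.
    head, sep, body = message.partition("\n\n")
    return head + "\n" + "\n".join(notes) + sep + body

# Constructed sample data: documentation addresses and made-up host names.
_PTR = {"192.0.2.10": ["mail.example.com."], "192.0.2.99": ["pc17.example.net"]}

def sample_lookup(ip):
    return _PTR.get(ip, [])

SAMPLE = "From: boss@example.com\nSubject: hi\n\nbody text\n"

if __name__ == "__main__":
    # Mailer running as root, honest HELO: message passes through untouched.
    print(annotate(SAMPLE, "192.0.2.10", 1023, "MAIL.example.com", sample_lookup))
    # Unprivileged source port with a HELO name that does not match the peer.
    print(annotate(SAMPLE, "192.0.2.99", 40213, "mail.example.com", sample_lookup))
```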