Re: default MTA

To: Chris.Knadle@coredump.us
Cc: debian-devel@lists.debian.org
Subject: Re: default MTA
From: Ron Scott-Adams <ron@tohuw.net>
Date: Thu, 6 Jun 2013 13:42:12 -0400
Message-id: <[🔎] 928757F7-FE35-43BD-A784-1C83AC755F64@tohuw.net>
In-reply-to: <[🔎] 201306061337.55807.Chris.Knadle@coredump.us>
References: <20130528010222.GA14069@bongo.bofh.it> <[🔎] 201306060852.13676.Chris.Knadle@coredump.us> <[🔎] 20130606171839.GA3439@client.brlink.eu> <[🔎] 201306061337.55807.Chris.Knadle@coredump.us>

If you do discover how to do this reliably, I'd be interested in your solution. If you/someone else feels it's too unrelated to this list, feel free to email me directly, but I think this is generally interesting.


Ron Scott-Adams
ron@tohuw.net
"The truth is incontrovertible. Malice may attack it, ignorance may deride it, but in the end, there it is." (Winston Churchill)





On Jun 6, 2013, at 13:37 , Chris Knadle <Chris.Knadle@coredump.us> wrote:

> On Thursday, June 06, 2013 13:18:39, Bernhard R. Link wrote:
>> * Chris Knadle <Chris.Knadle@coredump.us> [130606 14:53]:
>>> I'm glad you asked this, because it prompted me to investigate further. 
>>> This was something I was told was commonly done, but it looks now like
>>> it might be a misnomer.  I'm not able to find a concrete example of a
>>> system that allows SMTP MTA transfers but doesn't allow telnet to the
>>> SMTP port.  [The instances that seemed to fit the symptoms look like
>>> they have more "normal" root causes, such as ISP port 25 filtering.]
>>> 
>>> Because I had repeatedly been told that telnet to the MTA was a security
>>> problem, prior to now I had suspected that blocking telnet to SMTP might
>>> be possible via firewall filtering that distinguished the "type of
>>> service" somehow, but after doing some packet sniffing and examining the
>>> resulting packet internals I'm starting to doubt this is possible.
>> 
>> Actually, it is possible to block telnet (and I've seen some ISPs do it).
> 
> Okay.  I'm going to try to figure out how this is done, as this has been one 
> of those things "in the back of my mind" for a bit too long.
> 
>> In unrelated news, using telnet is a bad idea. If you want to connect to
>> some port and see what you get, use netcat.
> 
> Yep, netcat looks like the better tool for this.  Thanks for the hint!
> 
>  -- Chris
> 
> --
> Chris Knadle
> Chris.Knadle@coredump.us
> GPG Key: 4096R/0x1E759A726A9FDD74
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 201306061337.55807.Chris.Knadle@coredump.us">http://lists.debian.org/[🔎] 201306061337.55807.Chris.Knadle@coredump.us
>

Reply to:

References:
- Re: default MTA
  - From: Chris Knadle <Chris.Knadle@coredump.us>
- Re: default MTA
  - From: "Bernhard R. Link" <brlink@debian.org>
- Re: default MTA
  - From: Chris Knadle <Chris.Knadle@coredump.us>

Prev by Date: Re: Default desktop for jessie Was: Re: Debian/Wheezy general rant ...
Next by Date: Re: Debian/Wheezy general rant Was: mount point gets "(deleted)" / unable to unmount
Previous by thread: Re: default MTA
Next by thread: Re: default MTA
Index(es):
- Date
- Thread