Re: default MTA
If you do discover how to do this reliably, I'd be interested in your solution. If you/someone else feels it's too unrelated to this list, feel free to email me directly, but I think this is generally interesting.
Ron Scott-Adams
ron@tohuw.net
"The truth is incontrovertible. Malice may attack it, ignorance may deride it, but in the end, there it is." (Winston Churchill)
On Jun 6, 2013, at 13:37 , Chris Knadle <Chris.Knadle@coredump.us> wrote:
> On Thursday, June 06, 2013 13:18:39, Bernhard R. Link wrote:
>> * Chris Knadle <Chris.Knadle@coredump.us> [130606 14:53]:
>>> I'm glad you asked this, because it prompted me to investigate further.
>>> This was something I was told was commonly done, but it looks now like
>>> it might be a misnomer. I'm not able to find a concrete example of a
>>> system that allows SMTP MTA transfers but doesn't allow telnet to the
>>> SMTP port. [The instances that seemed to fit the symptoms look like
>>> they have more "normal" root causes, such as ISP port 25 filtering.]
>>>
>>> Because I had repeatedly been told that telnet to the MTA was a security
>>> problem, prior to now I had suspected that blocking telnet to SMTP might
>>> be possible via firewall filtering that distinguished the "type of
>>> service" somehow, but after doing some packet sniffing and examining the
>>> resulting packet internals I'm starting to doubt this is possible.
>>
>> Actually, it is possible to block telnet (and I've seen some ISPs do it).
>
> Okay. I'm going to try to figure out how this is done, as this has been one
> of those things "in the back of my mind" for a bit too long.
>
>> In unrelated news, using telnet is a bad idea. If you want to connect to
>> some port and see what you get, use netcat.
>
> Yep, netcat looks like the better tool for this. Thanks for the hint!
>
> -- Chris
>
> --
> Chris Knadle
> Chris.Knadle@coredump.us
> GPG Key: 4096R/0x1E759A726A9FDD74
>
>
> --
> To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: [🔎] 201306061337.55807.Chris.Knadle@coredump.us">http://lists.debian.org/[🔎] 201306061337.55807.Chris.Knadle@coredump.us
>
Reply to: