
Re: NEWBIES, SMTP and SECURITY



Albert Hurd wrote:

> 1.  Why is smtp installed by default?  The typical user who uses Netscape apparently
> doesn't need it. Perhaps it should be installed only with packages that need it, and security
> problems addressed.

Extract from slink netbase_3.11-1.2.deb's postinst file:

# create a new /etc/inetd.conf file if it doesn't already exist
if [ ! -f /etc/inetd.conf ]; then 
cat <<EOC >/etc/inetd.conf
# /etc/inetd.conf:  see inetd(8) for further informations.
#
# Internet server configuration database
#
#
# Lines starting with "#:LABEL:" or "#<off>#" should not
# be changed unless you know what you are doing!
#
# If you want to disable an entry so it isn't touched during
# package updates just comment it out with a single '#' character.
#
# Packages should modify this file by using update-inetd(8)
#
# <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>
#
#:INTERNAL: Internal services
#echo           stream  tcp     nowait  root    internal
#echo           dgram   udp     wait    root    internal
#chargen        stream  tcp     nowait  root    internal
#chargen        dgram   udp     wait    root    internal
discard         stream  tcp     nowait  root    internal
discard         dgram   udp     wait    root    internal
daytime         stream  tcp     nowait  root    internal
#daytime        dgram   udp     wait    root    internal
time            stream  tcp     nowait  root    internal
#time           dgram   udp     wait    root    internal

#:STANDARD: These are standard services.

#:BSD: Shell, login, exec and talk are BSD protocols.

#:MAIL: Mail, news and uucp services.

#:INFO: Info services

#:BOOT: Tftp service is provided primarily for booting.  Most sites
# run this only on machines acting as "boot servers."

#:RPC: RPC based services

#:HAM-RADIO: amateur-radio services

#:OTHER: Other services

EOC
fi


On mine:

funkiest:~/t$ telnet localhost 25
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Network is unreachable

So it looks as though the smtp port is disabled by default.

Unfortunately, the file in question is a config file.  These present
problems when upgrading, since you want your customisations to remain
but you may also want some of the features in the new config file.

dpkg asks you what to do in this case.  I always pick "N" and take a
note of the config file.  Then I can take a look later to pick out
whether I want my old file, the new file (<oldfilename>.dist-dpkg)
or a mixture of both.

But it looks like Debian is secured against this type of atrocious
behaviour by default on each new install, AFAIK.


> Albert Hurd

-- 
Regards,
Paul
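
Added example, not part of the message above or of the netbase package: a shell function that classifies each inetd.conf entry as enabled, switched off with the "#<off>#" prefix, or commented out with a single "#", which answers the "is smtp enabled?" question from the file itself. The function names and the smtp line in the sample are assumptions made for illustration; the other sample lines follow the extract above.

```shell
#!/bin/sh
# Added example: classify the entries of an inetd.conf-style file.
# Fields: <service_name> <sock_type> <proto> <flags> <user> <server_path> <args>

# inetd_audit FILE: print "STATE service/proto" for every entry, where STATE is
#   enabled    uncommented, so inetd listens for it
#   off        prefixed with "#<off>#" (the form update-inetd manages)
#   commented  prefixed with a single "#" (left alone during package updates)
inetd_audit() {
    awk '
    # A real entry has at least six fields, a socket type and a tcp/udp proto.
    function is_entry() {
        return NF >= 6 && ($2 == "stream" || $2 == "dgram") && $3 ~ /^(tcp|udp)/
    }
    /^#:[A-Z-]+:/ { next }                        # "#:LABEL:" section markers
    /^#<off>#/ { sub(/^#<off>#[ \t]*/, "")
                 if (is_entry()) print "off", $1 "/" $3
                 next }
    /^#/       { sub(/^#[ \t]*/, "")              # plain comment or disabled entry
                 if (is_entry()) print "commented", $1 "/" $3
                 next }
    is_entry() { print "enabled", $1 "/" $3 }
    ' "$1"
}

# inetd_listens FILE SERVICE: succeed if SERVICE has an enabled entry.
inetd_listens() {
    inetd_audit "$1" | grep -q "^enabled $2/"
}

# Constructed sample: internal entries as in the extract, plus a constructed
# smtp line in the "#<off>#" form.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat >"$sample" <<'EOC'
#:INTERNAL: Internal services
#echo           stream  tcp     nowait  root    internal
discard         stream  tcp     nowait  root    internal
discard         dgram   udp     wait    root    internal
daytime         stream  tcp     nowait  root    internal
#daytime        dgram   udp     wait    root    internal
time            stream  tcp     nowait  root    internal
#:MAIL: Mail, news and uucp services.
#<off># smtp    stream  tcp     nowait  mail    /usr/sbin/exim exim -bs
EOC

inetd_audit "$sample"
if inetd_listens "$sample" smtp; then echo "smtp: enabled in inetd"
else echo "smtp: not enabled in inetd"; fi
```

This only covers services started by inetd; a mail daemon running standalone does not appear in inetd.conf and has to be checked separately.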

