Re: SMTP, 2600, and the security of mail


Jim Rees (apollo!rees@EDDIE.MIT.EDU)
Thu, 2 Oct 86 19:38:37 EDT


    You could (marginally) increase the security of SMTP traffic by having
    SMTP servers only accept connections from a 'privileged' remote socket.

This doesn't increase security, it decreases it. It fools the system
administrator into thinking that there is such a thing as a "privileged
remote socket", when in fact there isn't, and it makes it necessary for
the guy who is writing and debugging an smtp client to get superuser
privileges on those machines that do implement 'privileged' local ports.
Like the "communications privacy act", "privileged ports" are a sham
that just fool people into thinking things are secure when they aren't.
-------



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:36:58 GMT