Re: anonymous messages


stev@vax.ftp.com
Wed, 9 Nov 88 09:04:24 EST


*It seems to me as if we could solve this whole
*problem once and for all by simply requiring the originating port for SMTP
*deliveries to be a privileged port ( < 512 ). As a matter of fact, we could
*probably require the originating port to be 25 as well as the destination port.
*-----------------------------------------------------------------------------
*Richard A. Johnson raj@ics.uci.edu (Internet)
*UCI ICS Assistant Support Manager ucbvax!ucivax!raj (UUCP)
*Postmaster / Network Services raj@tertius.ics.uci.edu (via Nameservers)

wrongo. bullshit. just because your bsd machine believes that some
ports are only for the "superuser" to open doesn't mean my pc does.
or my TOPS-20. or my MVS. there is public domain source for a telnet
running on IBM type and MAC pcs. any of them could be trivally adjusted
to send from a low port.

making faulty assumptions is a good way not to get the security you are
looking for. if you *really* want this, resolve the name they pass you
in the HELO and see if the address matches the one you are talking to.

one other thing, you should only print the warning message if they
try and send mail, alot of people are just trying to check an alias
or mailing list.

stev knowles
ftp software
stev@ftp.com



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT