[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: None
From:       "Joseph W. Stroup" <nettech () crl ! com>
Date:       1996-12-07 7:32:37
[Download RAW message or body]

HERE WE GO AGAIN. WHAT THE HECK KIND OF SUBJECT LINE IS   NONE ?
> 
> 
> On Fri, 6 Dec 1996 toon@cem-bb.e-mail.com wrote:
> 
> > Next topic:
> > 
> > Some1 told me that 'I have to filter out VERIFY and EXPAND when letting 
> > mail through my firewall'. Can some1 explain me what this means?
> > 
> 
> VERIFY and EXPAND are commands that can be issued to SENDMAIL. Their 
> legitimate uses are:
> 
> Verify: determines if the username you've spcified exists
> Expand: determines which usernames will recivie the mial sent to the 
> address specified - for example, the account "root" might expand to 
> usernames "bob" and "alice" if they are the sysadmins, and don't want to 
> log in as "root" to check for root mail.
> 
> An intruder can telnet to port 25 and run these commands to gather 
> information. You shouldn't allow access to port 25 on systems that AREN'T 
> supposed to be receiving mail, anyway. You may want to block EXPAND, 
> possibly verify as well, on the others.
> 
> -r.w.
> 
> 

"It's 88ms to Phoenix, we've got a full disk of Gif's,
a full meg of Hypertext, it's dark and we're wearing
sunglasses."  "Click it."

[prev in list] [next in list] [prev in thread] [next in thread]