[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Secure zmailer/smtpserver anyone?

To: 'Tom' <tom@sdf.com>
Subject: RE: Secure zmailer/smtpserver anyone?
From: "Paquette, Trevor" <TrevorPaquette@mcc.net>
Date: Mon, 12 Jan 1998 14:04:57 -0700
Cc: "'zmailer@nic.funet.fi'" <zmailer@nic.funet.fi>

VERB DOES do ALOT under zmailer.
EXCERPT: (My input to the SMTPSERVER is marked with *******)

*******mconnect localhost
connecting to host localhost (127.0.0.1), port 25
connection open
220 localhost ZMailer Server 2.99.49p8 #1 ESMTP+IDENT ready at Mon, 12
Jan 1998 13:57:56 -0700
*******help
214-Copyright 1990 Rayan S. Zachariassen
214-Copyright 1991-1997 Matti Aarnio
214-
214-The following commands are recognized:
214-    EHLO, HELO, MAIL, RCPT, DATA, BDAT, RSET, VRFY, EXPN, HELP, NOOP
214-    QUIT, ETRN, TURNME, VERB, ONEX, SEND, SOML, SAML, TURN, TICK,
EMAL
214-    ESND, ESOM, ESAM, EVFY, IDENT, DEBUG
214-
214-The normal sequence is: EHLO/HELO (MAIL RCPT+ DATA)+ QUIT.
214-
214-This mailer will always accept 8-bit and binary message data
214-though you are better to use MIME format!
214-
214-For local information contact: postmaster@localhost
214 SMTP server comments and bug reports to: <zmhacks@nic.funet.fi>
*******DEBUG
423 Must be VERBose to use DEBUG
*******VERB
250-2.0.0 ZMailer SMTP server 2.99.49p8 #1: Sat Nov 15 15:21:07 MST 1997
250-2.0.0 Copyright 1990 Rayan S. Zachariassen
250 2.0.0 Copyright 1991-1997 Matti Aarnio
*******vrfy <Trevorpaquette@mcc.net>
503 5.5.1 Waiting for HELO/EHLO command
*******EHLO localhost
policytest what=??
always_reject=0
always_freeze=0
always_accept=0
sender_reject=0
sender_freeze=0
relaycustnet=0
rcpt_nocheck=0
rejectnet: requested, value=.
freezenet: requested, value=.
rejectsource: not req, value=.
freezesource: not req, value=.
relaycustomer: not req, value=.
relaycustnet: not req, value=.
relaytarget: not req, value=.
acceptifmx: not req, value=.
acceptifdns: not req, value=.
senderokwithdns: not req, value=.
acceptbutfreeze: not req, value=.
DEBUG: 12/DOMAIN/'localhost'
checkaddr(): domain of 'localhost'
Key: 12/DOMAIN/'localhost'
  query failed
Results: rejectnet . freezenet . rejectsource . freezesource .
relaycustomer . relaycustnet . relaytarget . acceptifmx . acceptifdns .
senderokwithdns . acceptbutfreeze . 
DEBUG: 13/DOMAIN/'.localhost'
checkaddr(): domain of '.localhost'
Key: 13/DOMAIN/'.localhost'
  query failed
Results: rejectnet . freezenet . rejectsource . freezesource .
relaycustomer . relaycustnet . relaytarget . acceptifmx . acceptifdns .
senderokwithdns . acceptbutfreeze . 
DEBUG: 4/DOMAIN/'.'
checkaddr(): domain of '.'
Key: 4/DOMAIN/'.'
  query failed
Results: rejectnet . freezenet . rejectsource . freezesource .
relaycustomer . relaycustnet . relaytarget . acceptifmx . acceptifdns .
senderokwithdns . acceptbutfreeze . 
250-localhost Hello localhost
250-SIZE 0
250-8BITMIME
250-PIPELINING
250-CHUNKING
250-ENHANCEDSTATUSCODES
250-EXPN
250-VRFY
250-DSN
250-X-RCPTLIMIT 10000
250-ETRN
250 HELP
*******vrfy <trevorpaquette@mcc.net>
000 'ZMailer router (2.99.49p8 #1: Sat Nov 15 15:21:56 MST 1997)'
000 '  root@gate.mcc.net:/export/gate1/mcc/src/zmailer-2.99.49p8/router'
000 'Copyright 1992 Rayan S. Zachariassen'
000 'Copyright 1992-1997 Matti Aarnio'
000 ''
000 'smtp delivery to [10.1.1.25] for <trevorpaquette@mcc.net>'
001 Got string: 'smtp delivery to [10.1.1.25] for
<trevorpaquette@mcc.net>'
250 smtp delivery to [10.1.1.25] for <trevorpaquette@mcc.net>
*******QUIT
221 2.0.0 localhost Out

The point here is that there is alot of information  that is being given
to potential hackers that does not need to be given.
I would really like to disable VERB and VRFY from the command line of
smtpserver.

> -----Original Message-----
> From:	Tom [SMTP:tom@sdf.com]
> Sent:	Monday, January 12, 1998 11:58 AM
> To:	Paquette, Trevor
> Cc:	'zmailer@nic.funet.fi'
> Subject:	Re: Secure zmailer/smtpserver anyone?
> 
> 
> On Mon, 12 Jan 1998, Paquette, Trevor wrote:
> 
> > Does anyone know if zmailer has a secure mode for smtpserver?
> > Could this be made a command line option?
> > 
> > Mean just email delivery form the SMTP protocol standpoint?
> > No DEBUG, no VRFY, no HELP, no VERB etc...
> > Only MAIL, RCPT, DATA, QUIT, and the ones needed for ESMTP.
> 
>   Why?
> 
>   DEBUG and VERB don't do anything under Zmailer.  VRFY only works if
> you
> configure it, and is expensive to do anyhow.
> 
>   HELP is harmless.
> 
> > --
> > 
> > Trevor Paquette              | MetroNet Solutions
> |Work:(403)543-2355
> > TrevorPaquette@mcc.net       |4300, 150 6th Ave SW|
> Fax:(403)543-2854
> > http://www.mcc.net           |Calgary, AB, Canada
> |ICBM:51'03"N/114'05"W
> > Senior Unix Network Architect|       T2P 4K9      |Mind:In the
> Rockies
> 
> Tom

Follow-Ups:
- Re: Secure zmailer/smtpserver anyone?
  - From: mea@nic.funet.fi (Tue, 13 Jan 1998 01:51:59 +0200)

Prev by Date: Re: Secure zmailer/smtpserver anyone?
Next by Date: Re: Secure zmailer/smtpserver anyone?
Prev by thread: Re: Secure zmailer/smtpserver anyone?
Next by thread: Re: Secure zmailer/smtpserver anyone?
Index(es):
- Date
- Thread