Great Circle Associates Firewalls
(September 1993)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Access control for SMTP?
From: Brent Chapman <brent @ GreatCircle . COM>
Date: Wed, 22 Sep 1993 09:49:19 -0700
To: Amos Shapira <amoss @ cs . huji . ac . il>
Cc: firewalls @ GreatCircle . COM
In-reply-to: Your message of Wed, 22 Sep 1993 15:22:27 +0200

Amos Shapira <amoss @
 cs .
 huji .
 ac .
 il> writes:

# Dorian Deane <dorian @
 cobalt .
 house .
 gov> writes:
# |
# |alastair @
 Cadence .
 COM (Alastair Young) writes:
# |
# |> I don't filter out any, I just use the tcpd as a logger in this case.
# |> Sendmail itself doesn't log VRFY queries and other manual jiggerypokery,
# |> but this way I get a log of ALL connections to the port.
# |
# |How can this work?  First a connection is passed to tcpd, and that
# |is logged as a connection, but after that, the VRFYs and such are
# |passed directly to sendmail.   tcpd is out of the picture and 
# |you just get sendmail's normal logging.  Or am I missing something?
# 
# I suppose you are right about this particular implementation.  But it
# shouldn't be difficult to pass the input to sendmail through a filter which
# logs suspicious commands.

In the long run, I'd encourage folks to fix the logging in Sendmail.

FTP used to have the same problem of insufficient logging.  Some
talented people took the time to fix it, and now the base FTP code
from (for instance) Berkeley and WU-ARCHIVE has extensive logging
capabilities.


-Brent
--
Brent Chapman                                   Great Circle Associates
Brent @
 GreatCircle .
 COM                           1057 West Dana Street
+1 415 962 0841                                 Mountain View, CA  94041


Indexed By Date Previous: SMTP - reverse lookups OK (was Re: Access control from SMTP)
From: pmj @ roadnet . ups . com (Pete Jansson)
Next: Re: SMTP - reverse lookups OK (was Re: Access control from SMTP)
From: Brent Chapman <brent @ GreatCircle . COM>
Indexed By Thread Previous: Re: Access control for SMTP?
From: Amos Shapira <amoss @ cs . huji . ac . il>
Next: Re: Access control for SMTP?
From: smb @ research . att . com

Google
 
Search Internet Search www.greatcircle.com