Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: SMTP Relay

from [Kidder, Roy] Network Security [Permanent Link]
Subject: RE: SMTP Relay
Date: Thu, 19 Aug 2004 09:06:00 -0400 
With the "fix-up smtp" command in your config, that 220 message would appear
something like this:

220 *************************************



-----Original Message-----
From: Aaron [mailto:agflem@yahoo.ca] 
Sent: Tuesday, August 17, 2004 12:24 PM
Cc: firewalls@securityfocus.com
Subject: Re: SMTP Relay

telnet [ip address] 25

220 mx3.domain.com WebShield SMTP V4.5 Network Associates, Inc. Ready at Tue
  Aug 17 12:29:12 2004

Exchange will show something similar ...

jamesworld@intelligencia.com wrote:


Roy,

How can one determine that it's an exchange box or any other mail server?

I do support the design of a mail gateway.



At 08:34 AM 8/17/2004, Kidder, Roy wrote:


The PIX can mask the "220" greeting from a mail server so that the 
vendor and version of the mail system cannot be seen "plain text". 
This is called "smtp fix-up". At best, this is security by obscurity 
though. A determined individual can still determine that it's a MS 
Exchange box sitting back there.

A better option is to put up a non-Exchange gateway (there are many 
products out there) between your internal Exchange system and the 
Internet. This gateway would be configured so that email from the 
Internet comes into it, is scanned for any virus threat and content 
(if desired) and then passed on to the Exchange server on the inside. 
This way, the Exchange server is never actually touched by the outside 
world.

Hope that helps,
Roy


-----Original Message-----
From: Aaron [<mailto:agflem@yahoo.ca>mailto:agflem@yahoo.ca]
Sent: Thursday, August 12, 2004 12:23 PM
To: jamesworld@intelligencia.com
Cc: firewalls@securityfocus.com
Subject: Re: SMTP Relay

How can I protect an IIS-SMTP service with a PIX?

jamesworld@intelligencia.com wrote:


You cannot set up the PIX as a SMTP relay as it does not have a SMTP
engine.  You can use it to protect a SMTP relay (sendmail, IIS-SMTP, 

3rd

party, etc) though.

SMTP services are a component of a server.  The PIX is not a server.

Cheers,
-James


At 03:03 PM 8/11/2004, Aaron wrote:


Is it possible to setup a PIX for SMTP relay?







*************************************************************
This message, including any attachments, may contain
confidential information intended for a specific individual
and purpose, and may be protected by law.  If you are not
the intended recipient, please notify the sender by e-mail
or telephone immediately, and then immediately delete this
message.  Any disclosure, copying or distribution of this
message, or the taking of any action based on it, by any
unintended recipient is strictly prohibited.






*************************************************************
This message, including any attachments, may contain
confidential information intended for a specific individual
and purpose, and may be protected by law.  If you are not
the intended recipient, please notify the sender by e-mail
or telephone immediately, and then immediately delete this
message.  Any disclosure, copying or distribution of this
message, or the taking of any action based on it, by any
unintended recipient is strictly prohibited.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  fragment filtering, Martin Mačok
Next by Date:  PIX Questions, Aaron
Previous by Thread:  Re: SMTP Relay, Aaron
Next by Thread:  PIX Questions, Aaron
Indexes:  [Date] [Thread] [Top] [All Lists]