Re: POP3 client behavior re. hosts.deny

From: Bruce Lewis (brlspam_at_yahoo.com)
Date: 09/02/04


Date: 02 Sep 2004 14:04:12 -0400

Tim Haynes <usenet-20040902@stirfried.vegetable.org.uk> writes:

> I would've thought any attempt to send application-level data like that
> would be a pretty naff violation of TCP, being as the application should
> have received a TCP RST from the hosts.deny-induced connection-rejection.

Except the connection is not rejected. It's accepted (presumably by
inetd), then closed (presumably by tcpd). I don't think tcpd has any
way to cause the connection to be rejected.

> tcpdump -s 1500 -n -w somefile.log.net port 110
> <do things>
> ^C
> tcpdump -v -r somefile.log.net | less

Ah, cool. Now I can at least check Thunderbird.

> How about using a firewall so there can be *no* connection established at
> all, not even as far as tcpwrappers?

This is a virtual server (User-Mode Linux) on linode.com. I'm pretty
sure the firewall option is unavailable to me.

> You could also try to bind teapop
> to localhost only, as well, that would be rather effective too.

Hmm...that really looks like the cleanest solution. Maybe it's time to
switch to xinetd. I don't see any option for inetd to bind to a
specified address, nor in the teapop docs for its standalone mode.
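
The difference discussed above between a connection that is accepted and then closed and one that is never established, as an added example that is not part of the original post. It uses a constructed loopback listener as a stand-in for inetd plus tcpd (the function names and the banner are made up here) and reports what a client sees in each case.

```python
import socket
import threading

def start_wrapper_style_listener(denied_hosts):
    """Accept every TCP connection, then close denied peers without a banner."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # loopback only, ephemeral port
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, peer = srv.accept()   # handshake already completed here
            except OSError:
                return
            with conn:
                if peer[0] not in denied_hosts:
                    conn.sendall(b"+OK constructed POP3 banner\r\n")
                # denied peer: fall through and close, so the client sees a FIN

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def unused_port():
    """Return a loopback port that currently has no listener."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port

def probe(port, timeout=2.0):
    """Classify what a client observes when connecting to 127.0.0.1:port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        try:
            s.connect(("127.0.0.1", port))
        except ConnectionRefusedError:
            return "refused"                # RST during the handshake
        try:
            data = s.recv(128)
        except ConnectionResetError:
            return "accepted-then-closed"
        return "banner" if data else "accepted-then-closed"
    finally:
        s.close()

def demo():
    return {"no_listener": probe(unused_port()),
            "denied": probe(start_wrapper_style_listener({"127.0.0.1"})),
            "allowed": probe(start_wrapper_style_listener(set()))}
```

Only the "refused" case is a connection that never gets established; the "denied" case completes the handshake first, so a client can treat the port as open and the server as misbehaving.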