Re: blocking telnet port 25 ?
From: jmd (jm.dessaintes@iesn.be)
Date: 02/13/03
- Next message: Wombat: "Re: Warez FTP??"
- Previous message: Ivan Karpov: "Re: Reset the password"
- In reply to: Russ: "Re: blocking telnet port 25 ?"
- Next in thread: Robert Moir: "Re: blocking telnet port 25 ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "jmd" <jm.dessaintes@iesn.be> Date: Thu, 13 Feb 2003 17:48:01 +0100
Thank you very much.
"Russ" <rwsinclair@mcpmail.com> wrote in message
news:061a01c2d367$bcb388d0$a201280a@phx.gbl...
> SMTP is used for incoming and outgoing mail. Once it
> makes its way into a user's mailbox, POP3 can be used to
> retrieve the mail, but POP and IMAP have nothing to do
> with DELIVERY of mail to a server.
>
> >-----Original Message-----
> >Thank you for your speedy answer.
> >I thought that, on my Exchange 2K server, SMTP was used
> only for outgoing
> >mail and Pop3/Imap4 for ingoing mail.
> >So I thought that I could block port 25 packets coming
> from Internet.
> >As it is now I can :
> > telnet mymailserver.domain 25
> >and send spam emails from fictitious user !
> >I will see to put the mail server behing our isa firewall
> server.
> >Still thank you.
> >Jean-Marie.
> >Iesn/Belgium
> >
> >"Robert Moir" <bofh@mvps.org> wrote in message
> >news:ONdTYyu0CHA.2076@TK2MSFTNGP10...
> >> jmd wrote:
> >> > Hello.
> >> > I have a member Win2000 server with Exchange 2000 +
> Conferencing
> >> > Server + Outlook Web Access.
> >> > It contains 2 nics : one to internal network, the
> other to external
> >> > network. All is working ok.
> >> > Telnet server service is not installed (disabled) on
> that machine
> >> > (telnet myserver.domain.com denied (port 23 not
> allowed)).
> >> > But I see that I can :
> >> > telnet myserver.domain.com 25
> >> > without entering a user name & password.
> >> >
> >> > My question : how can I block a telnet access to any
> port from
> >> > internet ?
> >>
> >> You can't block access to a port if you need it open
> for other purposes.
> >> Port 25 is the SMTP mail port, which needs to be open
> if this server needs
> >> to send and receive email, and judging by what you
> describe this server as
> >> doing, I'd say thats likely.
> >>
> >> You *could* block this server off behind the firewall
> and have something
> >> else act as an SMTP smarthost on it's behalf, but your
> SMTP smarthost will
> >> need to have port 25 open to the internet so this is
> moving the problem
> >not
> >> curing it.
> >>
> >> Its entirely natural for a system that talks to the
> internet to expose
> >some
> >> ports to the internet. Why do you think this is a
> problem?
> >>
> >> Rob
> >> Microsoft MVP
> >>
> >>
> >
> >
> >.
> >
- Next message: Wombat: "Re: Warez FTP??"
- Previous message: Ivan Karpov: "Re: Reset the password"
- In reply to: Russ: "Re: blocking telnet port 25 ?"
- Next in thread: Robert Moir: "Re: blocking telnet port 25 ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
