Is it practical to implement an IP scrubber in ASSP to clean IPs from
message headers and SMTP responses?
I know this outside the scope of anti-spam, but broadcasting internal
server names and IPs over SMTP is a glaring security issue for all
Microsoft Exchange servers. Don't know how many other mail servers do
the same asinine thing as Microsoft. Exchange can change the FQDN that
it broadcasts, but according to an article I read, there is no way
prevent Exchange from broadcasting internal IPs except via
[non-existent] third-party software. Hence, my hope that it could be
implemented in ASSP.
ASSP is already an SMTP proxy, so it seems a simple matter to RegEx the
output (skipping the e-mail body, of course) and replace any private
internal IPs with a corresponding public IP, or replace other private
data like the FQDN. The translation table could be input like the SMTP
Destination Routing Table with the arrow/bars, e.g.:
192.168.1.1=>66.35.250.209|192.168.1.2=>66.35.250.209|internal.domain.lo
cal=>external.domain.com
What do ya think? Great idea, get to it when you can? Or no way, ASSP
is strictly anti-spam only?
--Bennett
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
