On Wed, 2003-11-12 at 21:16, Michael Holt wrote: > ...> > > Except they drop connection before he could ever send From.. Maybe > > they've set a ridiculously low timeout or something, but it doesn't act > > like any real world mailserver I've ever seen. > > See, that's the thing. I haven't done any playing with cisco routers, > but I would imagine that the ios is smart enough to drop anything except > an email packet at port 25 and then with all the recent problems with > ddos attacks and virii, etc, I would think that they *would* want to > seriously filter the headers that come in. But you guys are saying that > the headers on my email - no matter which machine I'm sending from - are > absolutely normal? Nobody would or could do it differently? >
Cisco routers are actually very dumb. If the router or a regular firewall is blocking the mail, then the three way TCP handshake will never complete. If a proxy-using firewall (Raptor or the so-called "security servers" in PIX and Check Point (so-called because the number one source of security holes on those firewalls)) is in use, it will accept enough headers to make a decision on. Dropping the connection right after 220 for servers that aren't on any BL is broken behavior. > Well thanks everyone for all the info -- I've definitely learned some > stuff (including that I need to do some studying!:) ) -- Jack Coates Monkeynoodle: A Scientific Venture...
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
