I can see your point .... but....

The messages that you are referring to will be destined for e-mail accounts
in domains that are hosted on our mail server (see my other msg). So those
messages *WILL* be allowed by the first rule, and won't be a problem.

There are two cases of SMTP traffic that I want to allow:

1. E-Mail messages from *anybody* (even <>) to e-mail addresses on domains
that our mail server hosts
2. E-Mail messages from e-mail addresses on domains that we host, to
anywhere else.

RFC821 messages fall into #1, and will be passed by the first rule.

I want to DROP messages from <> that are sent to e-mail addresses on
domains that we do NOT host. The PROBLEM is that rule #2 allows these
messages, when it shouldn't.

Dave Grabowski
System Arts, Inc.
(212) 604-9015 x316
[EMAIL PROTECTED]
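The two allowed cases described in the message above, written as a per-recipient check on the SMTP envelope. This is an added example, not part of the original post and not FW-1 configuration; the hosted domain list, addresses and function names are assumptions made up for illustration.

```python
import re

# Assumed list of domains hosted on the mail server (constructed for this example).
HOSTED_DOMAINS = {"example.com", "example.net"}

# Matches "MAIL FROM:<path>" / "RCPT TO:<path>", ignoring trailing ESMTP parameters.
_ENVELOPE = re.compile(r"^(MAIL FROM|RCPT TO):\s*<([^<>]*)>", re.IGNORECASE)

def parse_path(line):
    """Return (verb, address) for an envelope command; address is '' for <>."""
    m = _ENVELOPE.match(line.strip())
    if not m:
        raise ValueError("not an envelope command: %r" % line)
    return m.group(1).upper(), m.group(2)

def hosted(address):
    """True if the address's domain is hosted here. The null path has no domain."""
    if "@" not in address:
        return False
    return address.rpartition("@")[2].lower() in HOSTED_DOMAINS

def decide(sender, recipient):
    """Apply the two allowed cases in order; anything else is dropped."""
    if hosted(recipient):   # case 1: anybody, even <>, to a hosted domain
        return "accept"
    if hosted(sender):      # case 2: hosted sender to anywhere; <> never matches
        return "accept"
    return "drop"           # includes <> to a domain that is not hosted

def evaluate(envelope_lines):
    """Decide each RCPT TO separately, since one transaction can mix recipients."""
    sender, results = None, []
    for line in envelope_lines:
        verb, address = parse_path(line)
        if verb == "MAIL FROM":
            sender = address
        elif sender is None:
            raise ValueError("RCPT TO before MAIL FROM")
        else:
            results.append((address, decide(sender, address)))
    return results

# Constructed sample: a null-sender transaction with one hosted and one
# non-hosted recipient.
SAMPLE = ["MAIL FROM:<>",
          "RCPT TO:<user@example.com>",
          "RCPT TO:<someone@elsewhere.test>"]

if __name__ == "__main__":
    for rcpt, verdict in evaluate(SAMPLE):
        print(rcpt, verdict)
```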


                                                                                       
                                                 
Joerg Oertel <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]kpoint.com
To: [EMAIL PROTECTED]
cc:
Subject: Re: [FW1] Blank MAIL FROM: field in SMTP Security Server
06/06/2000 03:39 AM
Please respond to Joerg Oertel





On Mon, 5 Jun 2000 14:41:40 -0400, [EMAIL PROTECTED] wrote:



>It appears to me that there's a bug in FW-1, since it allows the sender to
>be <>....
>
>Anyone?

Dave,

RFC 821 states:
=One way to prevent loops in error reporting is to specify a null
=reverse-path in the MAIL command of a notification message. When such
=a message is relayed it is permissible to leave the reverse-path
=null. A MAIL command with a null reverse-path appears as follows:
=         MAIL FROM:<>

So this form is absolutely legal and your Firewall should let it pass.


>
>Dave Grabowski
>System Arts, Inc.
>(212) 604-9015 x316
>[EMAIL PROTECTED]

// pallas  GmbH  ............  Joerg Oertel  ...........
   Hermuelheimer Str. 10       System engineer
   D-50321 Bruehl, Germany     [EMAIL PROTECTED]
                               phone  +49-(0)2232-1896-0
   http://www.pallas.de        fax   +49-(0)2232-1896-29
........................................................



================================================================================

     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================




