Re: Increasing Internal security

2019-05-15 Thread Viktor Dukhovni
> On May 15, 2019, at 1:29 PM, Peter Fraser wrote: > > I believe what happened is the testing software they used tried to send an > email out using an empty domain and Postfix accepted it. I did it manually to > verify from the commandline > MAIL FROM: <> > RCPT TO: an email address > DATA > Bl

Re: Increasing Internal security

2019-05-15 Thread Wietse Venema
Peter Fraser: > I believe what happened is the testing software they used tried to send an > email out using an empty domain and Postfix accepted it. I did it manually to > verify from the commandline > MAIL FROM: <> > RCPT TO: an email address > DATA > Blablabla > . > Postfix queued up this emai

Re: Increasing Internal security

2019-05-15 Thread Wietse Venema
Peter Fraser: > Hi All > We had an auditor to an internal pentest for our network. The > result for our Postfix box was (My Words) Although your SMTP server > prevents relay in some circumstances, it still allows email from > an empty domain. I am aware that the empty domain <> is needed for > boun

Re: Increasing Internal security

2019-05-15 Thread Noel Jones
On 5/15/2019 12:29 PM, Peter Fraser wrote: I believe what happened is the testing software they used tried to send an email out using an empty domain and Postfix accepted it. I did it manually to verify from the commandline MAIL FROM: <> RCPT TO: an email address DATA Blablabla . Postfix

RE: Increasing Internal security

2019-05-15 Thread Peter Fraser
I believe what happened is the testing software they used tried to send an email out using an empty domain and Postfix accepted it. I did it manually to verify from the commandline MAIL FROM: <> RCPT TO: an email address DATA Blablabla . Postfix queued up this email and sent it out. Regards SI

Re: Increasing Internal security

2019-05-15 Thread Noel Jones
On 5/15/2019 11:24 AM, Peter Fraser wrote: Hi All We had an auditor to an internal pentest for our network. The result for our Postfix box was (My Words) Although your SMTP server prevents relay in some circumstances, it still allows email from an empty domain. I am aware that the empty domai

Increasing Internal security

2019-05-15 Thread Peter Fraser
Hi All We had an auditor to an internal pentest for our network. The result for our Postfix box was (My Words) Although your SMTP server prevents relay in some circumstances, it still allows email from an empty domain. I am aware that the empty domain <> is needed for bounce messages. Is there a

Re: Ris: AWS timeout

2019-05-15 Thread @lbutlr
On 14 May 2019, at 21:35, Ron Wheeler wrote: > If people knew how much of the email travels over the internet as a result of > his work, he would be a tech star. I really doubt he is interested in notoriety. -- 'You're your own worst enemy, Rincewind,' said the sword. Rincewind looked up at th