To: [EMAIL PROTECTED]
From: John Horne
Date: Thu, 23 May 2002 09:57:44 +0100 (BST)

> On 23-May-2002 at 01:11:56 Doughty, Michael wrote:
>
> <SNIP me completely misunderstanding the question>
>
> Yes, and it is the sending port that is blocked. That is my point. If a
> remote mail server sends a message to our mail server using a non-privileged
> port (i.e. the port they use to send the msg to us), and we block that port,
> then their mail server will simply see a dropped connection (or some such).
> If it happens to choose various ports that we have blocked, then it may well
> give up and tell the sender that it cannot send mail to our site.

I see. So you are talking about a rule that filters based on the source port? Generally, this is not desirable for the exact reason you are describing. The source port is a randomized non-privileged port. What exactly do you expect to gain from filtering on source port, besides lack of compliance? Any program can start on any port provided the proper configuration of the source system. The source port really tells you nothing about the program.

Michael
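
The behaviour discussed in this message can be observed directly with the added example below, which is not part of the original e-mail. It assumes a loopback listener as a stand-in for the receiving mail server, and the block lists passed to `delivery_outcomes` are constructed values.

```python
import socket

def listen_loopback():
    """Stand-in for the receiving mail server; port 0 lets the OS pick a free port."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(16)
    return srv

def source_port_seen(srv, bind_port=0):
    """Connect once and return the client's source port as the server sees it.
    bind_port=0 leaves the choice to the OS, as a sending mail server normally does."""
    cli = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    cli.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    try:
        cli.bind(("127.0.0.1", bind_port))
        cli.connect(srv.getsockname())
        conn, peer = srv.accept()
        conn.close()
        return peer[1]
    finally:
        cli.close()

def free_port():
    """Ask the OS for a currently unused port number."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port

def delivery_outcomes(blocked_source_ports, attempts=20):
    """Apply a source-port block list to ordinary connections that all target
    the same destination port. Returns (accepted, dropped) source ports."""
    srv = listen_loopback()
    try:
        seen = [source_port_seen(srv) for _ in range(attempts)]
    finally:
        srv.close()
    dropped = [p for p in seen if p in blocked_source_ports]
    return [p for p in seen if p not in blocked_source_ports], dropped

if __name__ == "__main__":
    srv = listen_loopback()
    print("OS-chosen source ports:", [source_port_seen(srv) for _ in range(5)])
    chosen = free_port()
    print("client bound", chosen, "-> server saw", source_port_seen(srv, chosen))
    srv.close()
    ok, lost = delivery_outcomes(set(range(32768, 40000)))  # constructed block list
    print(len(ok), "accepted,", len(lost), "dropped by the source-port rule")
```

How many connections the constructed block list drops varies from run to run, because the operating system picks a different source port for each connection.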