To wrap up the problem I had ... At 20:43 -0700 6/1/04, Sven wrote: >At 22:53 -0500 6/1/04, [EMAIL PROTECTED] wrote: >>May we ask who is doing the testing? Though it's entirely possible >>that there could be a new exploit that SIMS can't handle, it would >>be nice to know exactly the nature of the exploit and the test for >>it, so we can figure out if it can be stopped. > >Let me ask tomorrow. I don't know if I can say but I'll find out. If >nothing else, maybe they can point to some place where the exploit >is documented. This is one case where I would not mind being shown >that it is _my_ fault.
I could not get anyone to tell me that it would be ok to post the specifics of the relay testing, I asked several times. However, I did manage to get some information which explained what relaying was going on. It was not relaying from outside to outside, but relaying from within our rather large IP range. In earlier years there had been no issue with relaying inside the organization, but recent changes in policy apparently only allows the main server banks to relay. IOW, someone outside could use my server to relay to another server inside our firewall, but they'd have no way of knowing unless they were inside. Likewise, someone inside our firewall could have used my server to hit someone outside, but that would have resulted in near-immediate termination so it too seems rather unlikely. Problem solved and it was my fault that I had not realized (security through obscurity) there was a policy change, but it sure is a pain. -Sven ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
