[Mimedefang] Security note: Open port 25 on internal mail se rvers
Kelson Vibber
kelson at speed.net
Wed Feb 4 19:31:42 EST 2004
At 04:16 PM 2/4/2004, Matthew.van.Eerde at hbinc.com wrote:
>One SMTP server (A) that accepts only authenticated sessions and allows
>relay for those.
>Another SMTP server (B) that accepts any session but does not allow relay.
>
>The trick is to only have A listed as an MX record. B does *not* need to be
>listed as an MX record. Usually B is listed explicity (by DNS name) in the
>off-campus-client's email client as the "Sending Mail Server" or "SMTP
>Server" - no need to advertise it in DNS, though a portscanner will still
>find it.
Er, shouldn't that be the other way around? Or am I misreading?
Kelson Vibber
SpeedGate Communications <www.speed.net>
More information about the MIMEDefang
mailing list