nanog mailing list archives

Re: Providers removing blocks on port 135?

From: Andy Walden <andy () tigerteam net>
Date: Sat, 20 Sep 2003 18:36:56 -0500 (CDT)



On Sat, 20 Sep 2003, Margie wrote:

My guess is that you haven't heard of the current issue with various
servers running SMTP AUTH. These MTAs are secure by normal
mechanisms, but are being made to relay spam anyway.


Would this be a reference to the qmail-smtp-auth patch that recently was
discovered, that if misconfigured, could allow incorrect relays? If so, I
would say that this was an isolated incident for a single patch for a
specific MTA and only when it was misconfigured. I'm not sure I would
describe that as "secure by normal mechanisms" nor quite the epidemic it
was the first week or two.

I'm not necessarily making a statement one way or the other on port 25
filtering, but SMTP Auth, when properly configured and protected against
brute force attacks is certainly a useful thing. YMMV of course.

andy
--
PGP Key Available at http://www.tigerteam.net/andy/pgp

Current thread:

Re: Providers removing blocks on port 135?, (continued)
- - - Re: Providers removing blocks on port 135? Sean Donelan (Sep 20)
    - Re: Providers removing blocks on port 135? Owen DeLong (Sep 20)
    - Re: Providers removing blocks on port 135? Rob Thomas (Sep 20)
    - Re: Providers removing blocks on port 135? Owen DeLong (Sep 20)
    - Re: Providers removing blocks on port 135? Ray Bellis (Sep 20)
    - Re: Providers removing blocks on port 135? David B Harris (Sep 20)
    - Re: Providers removing blocks on port 135? Ray Bellis (Sep 20)
    - Re: Providers removing blocks on port 135? Niels Bakker (Sep 20)
    - Re: Providers removing blocks on port 135? Richard Cox (Sep 20)
    - Re: Providers removing blocks on port 135? Margie (Sep 20)
    - Re: Providers removing blocks on port 135? Andy Walden (Sep 20)
    - Re: Providers removing blocks on port 135? Margie (Sep 20)
    - Re: Providers removing blocks on port 135? Jack Bates (Sep 22)
    - Re: Providers removing blocks on port 135? Sean Donelan (Sep 20)
    - Re: Providers removing blocks on port 135? Justin Shore (Sep 20)
    - Any actual data to back up blocking Netbios ports? Sean Donelan (Sep 20)
    - Re: Providers removing blocks on port 135? John Kristoff (Sep 21)
    - Re: Providers removing blocks on port 135? Justin Shore (Sep 20)
    - Re: Providers removing blocks on port 135? jlewis (Sep 20)
    - Message not available
    - Re: Providers removing blocks on port 135? Mike Tancsa (Sep 21)
    - Re: Providers removing blocks on port 135? Justin Shore (Sep 21)

(Thread continues...)