Hi!
|mh@torres:/mnt/main6/home/mh > telnet localhost 25
|Trying 127.0.0.1...
|Connected to localhost.
|Escape character is '^]'.
|220 torres.gf1.internal ESMTP Exim 2.10 #1 Sun, 9 May 1999 18:58:35 +0200
|this is a very long command
|500 Command unrecognized
|sldksjdhlkjrhiu
|500 Command unrecognized
|slkjhsadliuzh
|500 Command unrecognized
|riuztrieouhdgklj
|500 Command unrecognized
|debug
|500 No way!
|quit
|221 torres.gf1.internal closing connection
|Connection closed by foreign host.
|mh@torres:/mnt/main6/home/mh >
None of these things resulted in a log entry. I am thinking that it
might be useful to have exim log illegal commands on the SMTP channel.
This could be useful in detecting somebody trying to to a buffer
overflow or a similar attack. Would having such an option be useful in
attack scenarios or would it open ways to attack a mail host itself?
Am I unreasonable?
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
--
*** Exim information can be found at
http://www.exim.org/ ***