Re: [Exim] Fake mailing

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Tim Jackson
Date:  
À: exim-users
Sujet: Re: [Exim] Fake mailing
Hi Wakko, on Wed, 5 Nov 2003 10:53:20 -0500 you wrote:

> > There is no such distinction between a "faked with telnet" and "real"
> > mail session. They're both just TCP connections.
> I've seen otherwise.


I had a feeling someone was going to say that :) Which is kind of why I
hinted at the application layer (specifically, Exim) here:

> > Your Exim daemon

         ^^^^^^^^^^^

> > has no idea whether the entity on the other end of
> > the connection is someone with a telnet client or an MTA.


OK, Gergely, *conceptually* they are the same (TCP connection to port 25).
If you really want, you can mess around with firewalls to detect certain
characteristics typically exhibited by telnet applications, but it would
be fairly futile since "telnetting" in the sense of using a "telnet" app
is normally a manual process, and so people usually have a reason to do
it. In that case, although you might confuse them (which is unlikely to
benefit either party), there is nothing to stop them using their own
psuedo-"telnet" app (perhaps, like Wakko mentioned, netcat) which just
opens sockets and passes data through in the same way as a "real" mail app
would.

I still suspect Gergely was actually trying to stop direct-to-MX spam
rather than "telnet" though...


Tim