On Sun, Sep 19, 2004 at 02:34:03PM -0400, Richard Welty wrote:
> On Sun, 19 Sep 2004 08:27:44 -0700 Kevin <iam@???> wrote:
> > I'm trying to hide the internal network IP addresses and names for out
> > bound mail.
>
> er, why? from inspection, your internal IP addresses are in RFC 1918 space,
> so i'll make the positive presumption that you have a properly conceived
> translating firewall in place. hiding internal IPs neither improves nor
> degrades your security, it's a bunch of work for no net gain.
Yup - and if he's leaking rfc1918 packets, or people are able to access his
rfc1918 network from outside his LAN for some reason, he has far more trouble
than "disclosing his secure internal network" in email headers will cost.
Security by obscurity kool aid that at least some highly paid consultants are
fond of pointing at during audits, together with requests to "turn off ESMTP
that may disclose sensitive internal information" and "munge the smtp banner
that shows the mta version you are running".
srs
--
linux@??? (Suresh Ramasubramanian)
jaharkes@ravel:/usr/src$ mv linux Gnu/Linux
mv: cannot move `linux' to `Gnu/Linux': No such file or directory
jaharkes @ cs.cmu.edu in reply to RMS on linux.kernel