Re: [exim] Exim server behind NAT router (and HELO)

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MExim User's Mailing List at <-
MMatthew Byng-Maddick at ->
Delete this message
Reply to this message
Author: Fred Viles
Date:  
To: exim-users
Subject: Re: [exim] Exim server behind NAT router (and HELO)
On 22 Mar 2005 at 20:02, Greg A. Woods wrote about
    "Re: [exim] Exim server behind NAT r":


|...
| You cannot protect your server from several types of potentially
| damaging DoS attacks if you do not at least ensure that it refuses
| connections from clients claiming to be itself (or from other names that
| it is responsible for handling).

Now that's an interesting statement. It seems quite counter-
intuitive to me. ISTM MTAs that do not check for spoofed HELO names
aren't likely to make any use of the HELO name at all.

So what types of DoS attacks require spoofing the recpient MTA's name
on the HELO/EHLO command? Details, please.

- Fred






This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] DNSBLsRe: [exim] cyrus/exim verify recipient options (macosx server)->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)