[pmmail-list] PMMail and network security issue.

Joachim F. Selinger pmmail-list@blueprintsoftwareworks.com
Mon, 23 Apr 2001 08:46:30 +0200 (CEST) 

--1166131744-846930886-988008396=:8721
Content-Type: TEXT/plain; charset=iso-8859-1
Content-Transfer-Encoding: QUOTED-PRINTABLE

Hi Rich and Stefan!

On 23 Apr, Stefan Kirch wrote:
> EVERY smtp-server knows your ip, if you make a connection to
> the server, if not, you are not able to make a connection. So,
> it doesn't matter, to send the ip-address in the helo-command,
> because the SMTP-server allready know this.

Not quite correct. If you send through a firewall with NAT, it won't know
your internal IP Adress, just the one from the firewall, but nevertheless
if you transfer it with the HELO command.

=20
> In my opinion, the best idea, to be as secure as possible, is
> to use every time a own smtp-server and "patch" this one,
> so that the smtp-server doesn't add important informations to
> the emails, e.g. we use qmail and made settings, that the first
> received line is "Received: from somewhere (user@somewhere)"
> instead of ip-adresses or usernames.

Something like this would have been my recommendation as well. You could
use Weasel (for OS/2 only) maybe (I haven't checked what it adds to the
received lines though, but in a mail I see, it looks as if it only sends
the host, not the use and not the workgroup name etc.).

CU
Jocki
--
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D/\=3D=3D=3D/\=3D=3D=3D=3D=3D=3D=3D/\=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Joachim F. Selinger        /  \ /  \/\ /\/  \              ___
Brunhildenweg 4           /    \/\ /  \  \/\ \              |
D-70597 Stuttgart,Germany/     /  / CU \ /  \ \  ----------(0)----------
Tel.(49)+711-901-8040   /   =FC /  /      /    \ \            '
Fax.(49)+711-901-8041=3D=3Dselinger(@)idefix.s.bawue.de=3D=3D=3D=3D=3D=3DSo=
aring=3D=3D=3D=3D=3D=3D=3D=3D

--1166131744-846930886-988008396=:8721
Content-Type: APPLICATION/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQA648/GpHLA4FnPkMoRAqIlAJ9e6Bojx2npTMpyd82yjvUQ8EWHdgCfftiD
NICt4DEUQAsFQ+kbmFfZcHU=
=ICqK
-----END PGP SIGNATURE-----

--1166131744-846930886-988008396=:8721--