Joerg
11-24-1999, 06:42 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
Thanx
Joerg
Click to See Complete Forum and Search --> : Telnet on Port 25
Chay Harley
11-28-1999, 07:14 PM
This is how email is sent. Received on port 110.
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
Jeremy Zuniga
12-01-1999, 09:37 PM
Joerg,
Place a checkpoint firewall, cisco pix, novell border manager box or your preferred firewall into the environment. Utilizing three interfaces, #1 to the LAN/WAN, #2 to the internet connection, #3 to the Web and Email boxes. This should be configured as what is referred to as a DMZ. Disallow telnet (Port 23) through the #2 interface. Port 25 is used to send and recieve SMTP based communications per RFC 821. Problem solved. Email me for further explanations. Port 110 is used for POP3 client to Retrieve messages and then send on port 25, IMAP v4 uses port 143 for retrieval and sends on port 25, both of which perform Directory lookups via LDAP on port 389 or 636/SSL.
Jeremy Zuniga
MCSE+I, MCT, CCDA, CCA
------------
Chay Harley at 11/28/99 8:14:34 PM
This is how email is sent. Received on port 110.
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
Place a checkpoint firewall, cisco pix, novell border manager box or your preferred firewall into the environment. Utilizing three interfaces, #1 to the LAN/WAN, #2 to the internet connection, #3 to the Web and Email boxes. This should be configured as what is referred to as a DMZ. Disallow telnet (Port 23) through the #2 interface. Port 25 is used to send and recieve SMTP based communications per RFC 821. Problem solved. Email me for further explanations. Port 110 is used for POP3 client to Retrieve messages and then send on port 25, IMAP v4 uses port 143 for retrieval and sends on port 25, both of which perform Directory lookups via LDAP on port 389 or 636/SSL.
Jeremy Zuniga
MCSE+I, MCT, CCDA, CCA
------------
Chay Harley at 11/28/99 8:14:34 PM
This is how email is sent. Received on port 110.
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
ben saren
01-27-2000, 05:45 PM
How can I have my Exchange server in the DMZ but with LAN access to it?
And the bonus question: If this can work, how can I get the Exchange web client to work OUTSIDE the firewall?
Im more concerned with the first question..
Please help.
------------
Jeremy Zuniga at 12/1/99 10:37:31 PM
Joerg,
Place a checkpoint firewall, cisco pix, novell border manager box or your preferred firewall into the environment. Utilizing three interfaces, #1 to the LAN/WAN, #2 to the internet connection, #3 to the Web and Email boxes. This should be configured as what is referred to as a DMZ. Disallow telnet (Port 23) through the #2 interface. Port 25 is used to send and recieve SMTP based communications per RFC 821. Problem solved. Email me for further explanations. Port 110 is used for POP3 client to Retrieve messages and then send on port 25, IMAP v4 uses port 143 for retrieval and sends on port 25, both of which perform Directory lookups via LDAP on port 389 or 636/SSL.
Jeremy Zuniga
MCSE+I, MCT, CCDA, CCA
------------
Chay Harley at 11/28/99 8:14:34 PM
This is how email is sent. Received on port 110.
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
And the bonus question: If this can work, how can I get the Exchange web client to work OUTSIDE the firewall?
Im more concerned with the first question..
Please help.
------------
Jeremy Zuniga at 12/1/99 10:37:31 PM
Joerg,
Place a checkpoint firewall, cisco pix, novell border manager box or your preferred firewall into the environment. Utilizing three interfaces, #1 to the LAN/WAN, #2 to the internet connection, #3 to the Web and Email boxes. This should be configured as what is referred to as a DMZ. Disallow telnet (Port 23) through the #2 interface. Port 25 is used to send and recieve SMTP based communications per RFC 821. Problem solved. Email me for further explanations. Port 110 is used for POP3 client to Retrieve messages and then send on port 25, IMAP v4 uses port 143 for retrieval and sends on port 25, both of which perform Directory lookups via LDAP on port 389 or 636/SSL.
Jeremy Zuniga
MCSE+I, MCT, CCDA, CCA
------------
Chay Harley at 11/28/99 8:14:34 PM
This is how email is sent. Received on port 110.
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
Jeremy
01-31-2000, 12:52 PM
Default security on Internet Mail Connector is wide open.. Require athentication, it wiil slow them down... This will require a SMTP relay Host to the Real world... IIS 4.0 or MCIS(commercial Internet services).... You can set Certificate Mappings for the users and have this provide authentication, publish the certificate to the client and the Telnet.exe would be unable to present the published Certificate and thus would be rejected...
Jeremy
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
Jeremy
------------
Joerg at 11/24/99 7:42:02 AM
Can I avoid a telnet on port 25. everybody can send mails to inbound recipients over my mailserver with telnet and rcpt command. Is there a possibility to close this secutity lack?
Thanx
Joerg
Serverwatch.com
Copyright Internet.com Inc. All Rights Reserved.
Copyright Internet.com Inc. All Rights Reserved.