Date: Wed, 15 May 2002 11:31:34 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: Drew Raines <drew-dated-1022684585.514754@rain3s.net> Cc: freebsd-chat@freebsd.org Subject: Re: internal hosts in email Message-ID: <3CE2A986.E9A1F22B@mindspring.com> References: <3CE2702A.A67642FE@centtech.com> <20020515150303.GU16671@williams.mc.vanderbilt.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Drew Raines wrote: > > The problem is, the mail headers show all the internal hosts that > > the mail passed (via the Received: lines), and I think that is a > > security risk. > > No. If you're concerned because of the software you're running, run > better software. > > > Does anyone have a trick to remove those using the .mc files? > > Obscurity is not security. MTA's add those fields for a reason. If > you ever have to diagnose a mail delivery problem, you'll probably > want them there. Certain internal names should not be exposed because they will fail DNS lookup, and therefore will fail origin checking by mail servers which require that email messages be replyable, like God and RFC 821 intended. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CE2A986.E9A1F22B>