From owner-freebsd-security  Wed Jul 24  2:10:45 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 13C6C37B401
	for <freebsd-security@freebsd.org>; Wed, 24 Jul 2002 02:10:39 -0700 (PDT)
Received: from zeta.qmw.ac.uk (zeta.qmw.ac.uk [138.37.6.6])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8402F43E42
	for <freebsd-security@freebsd.org>; Wed, 24 Jul 2002 02:10:38 -0700 (PDT)
	(envelope-from d.m.pick@qmul.ac.uk)
Received: from xi.css.qmw.ac.uk ([138.37.8.11])
	by zeta.qmw.ac.uk with esmtp (Exim 3.32 #1)
	id 17XI6q-0002JO-00; Wed, 24 Jul 2002 10:07:04 +0100
Received: from localhost ([127.0.0.1] helo=xi.css.qmw.ac.uk)
	by xi.css.qmw.ac.uk with esmtp (Exim 3.34 #1)
	id 17XI6M-000Cwh-00; Wed, 24 Jul 2002 10:06:34 +0100
X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4
To: Christoph Kukulies <kuku@accms33.physik.rwth-aachen.de>
Cc: freebsd-security@freebsd.org
Subject: Re: port 587 - submission service open, why? 
In-reply-to: Your message of "Wed, 24 Jul 2002 10:51:47 +0200."
             <200207240851.KAA14874@accms33.physik.rwth-aachen.de> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 24 Jul 2002 10:06:34 +0100
From: David Pick <d.m.pick@qmul.ac.uk>
Message-Id: <E17XI6M-000Cwh-00@xi.css.qmw.ac.uk>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


> I installed 4.6 on my mobile computer gladly noting that
> when testing it using nmap ( http://www.insecure.org/)
> only ssh, smtp aand another service which was unknown to me until now
> was open.

It's a variant of SMTP tuned/tunable for accepting messages
from MUAs on *initial* submission from a MUA to a MTA. Later
versions of "sendmail" automatically listen for this port as
well as port 25.

> I'm just wondering why on the one hand care is taken to close as much
> as possible then on the other hand a comparably unknown and maybe untested
> service is opened to the outside.

Not unknown, not untested, no extra risk compared with port 25 anyway.

-- 
	David Pick



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message