From owner-freebsd-security  Wed Jul 24  9:38:13 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 68F4737B400
	for <freebsd-security@FreeBSD.ORG>; Wed, 24 Jul 2002 09:38:10 -0700 (PDT)
Received: from leu.braila.astral.ro (LEU.braila.astral.Ro [194.105.27.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 2846743E3B
	for <freebsd-security@FreeBSD.ORG>; Wed, 24 Jul 2002 09:38:09 -0700 (PDT)
	(envelope-from ionut.serbanica@braila.astral.ro)
Received: from shreck (Just.For.Fun.On.Amnesiac.ro [194.105.27.165] (may be forged))
	by leu.braila.astral.ro (8.11.6/pre1.0-MySQL/8.11.0(mysql/milter/ssl)) with SMTP id g6OGgrS27252;
	Wed, 24 Jul 2002 19:42:53 +0300
Message-ID: <009601c23330$83317ae0$a51b69c2@amnesiac.ro>
From: "Serbanica Ionut" <ionut.serbanica@braila.astral.ro>
To: "Christoph Kukulies" <kuku@accms33.physik.rwth-aachen.de>
Cc: <freebsd-security@FreeBSD.ORG>
References: <E17XI6M-000Cwh-00@xi.css.qmw.ac.uk>
Subject: Re: port 587 - submission service open, why? 
Date: Wed, 24 Jul 2002 19:38:16 +0300
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-RAVMilter-Version: 8.3.3(snapshot 20020312) (leu.braila.astral.ro)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


----- Original Message -----
From: "David Pick" <d.m.pick@qmul.ac.uk>
To: "Christoph Kukulies" <kuku@accms33.physik.rwth-aachen.de>
Cc: <freebsd-security@FreeBSD.ORG>
Sent: Wednesday, July 24, 2002 12:06 PM
Subject: Re: port 587 - submission service open, why?


>
> > I installed 4.6 on my mobile computer gladly noting that
> > when testing it using nmap ( http://www.insecure.org/)
> > only ssh, smtp aand another service which was unknown to me until now
> > was open.
>
> It's a variant of SMTP tuned/tunable for accepting messages
> from MUAs on *initial* submission from a MUA to a MTA. Later
> versions of "sendmail" automatically listen for this port as
> well as port 25.
>

Jeap. Is true. Sendmail.cf:

# SMTP daemon options
O DaemonPortOptions=Name=MTA
O DaemonPortOptions=Port=587, Name=MSA, M=E

If you don't want him on, just coment the line and restart sendmail.

> > I'm just wondering why on the one hand care is taken to close as much
> > as possible then on the other hand a comparably unknown and maybe
untested
> > service is opened to the outside.
>
> Not unknown, not untested, no extra risk compared with port 25 anyway.
>
> --
> David Pick
>
>

Cheers,


>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message