Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RFC and silent discarding of e-mails (was: Backdoor not recognized by Kaspersky)
From: Martin Mačok <martin.macok () underground cz>
Date: Thu, 4 Mar 2004 10:13:25 +0100

On Thu, Mar 04, 2004 at 12:01:54AM -0600, Mike Barushok wrote:

Then there is the 'rejection' problem. If the mail is not accepted,
laws prohibit silently discarding it.

Yes, your SMTP servers should not silently discard the message to
comply with RFC 2821 (SMTP) but keep in mind that they also should not
inspect the content of the message and should assume the message is
valid.

On the other side - your application-level firewalls (SMTP filters)
can implement any "safe" subset of SMTP and are allowed to break RFC
2821 for valid reasons. See RFC 3234 (Middleboxes: Taxonomy and
Issues) and RFC 2979 (Firewall Requirements).

Martin Mačok

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault