RE: Private IP Address from Exchange

[Mike Alexander <mike.alexander () mail moray gov uk>]

Danux,

I'm not sure what you think you will achieve by "hiding" your internal IP
addresses.  What 'risk' do you perceive there to be, have you assessed it in
terms of vulnerability/impact?

1. I can only imagine that you are concerned about what the header info
reveals about your internal network.  So why reveal such "juicy" bits as
what firewall(s) you use, and what your Internet domain name is
(soluciones.com)?

2. The 192.168.0.x range is RFC1918 Private Address Space, so no-one will be
able to route to it via the Internet nor does it help if forging email
headers.  Whilst it does give someone an idea of the address space you use
within your network, that is only of real benefit if they get into your
network, by which time they would likely have discovered your internal IP
addressing anyway.

3. You appear to have adequate protection in terms of firewalls etc. so I
would *assume* that you are protecting your server from direct attack from
'outside'.  If not, then I would suggest you focus on that than trying to
obfuscate the details of your mail systems.

Regards,

Mike

Mike Alexander MBCS


********  The Moray Council: Internet E-mail Notice  ********

The contents of this e-mail and any attachments ('this e-mail')
are confidential and intended solely for the addressee.
If this e-mail has been sent to you by mistake, please notify
postmaster () moray gov uk as soon as possible; you should then
delete this e-mail from your computer.