Re: How I spent my Christmas vacation - Email found in subject

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 3 Jan 2006 13:16:48 -0600

Hi Danny,

So, you allow LDAP queries from hosts on an anonymous access DMZ. How do
you mitigate the security issues involved with that. Yes, I know the
convention wisdom in some circles say don't accept mail to non-existing
accounts, but then you have to allow LDAP from a very low security zone.
A very poor compromise.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Danny [mailto:nocmonkey@xxxxxxxxx] 
> Sent: Tuesday, January 03, 2006 1:05 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: How I spent my Christmas vacation - 
> Email found in subject
> 
> http://www.ISAserver.org
> 
> On 1/3/06, Joseph Danielsen <JDanielsen@xxxxxxxxxxxxxxxx> wrote:
> > Dan:
> >
> > In my case, I do filter Recp not in AD, but I read GFI's 
> manual which
> > suggested that sending the NDR to spammers would simply 
> convince them to
> > take the email address off of their list. Even IF that were 
> true (and
> > it's not) the cost was too high.
> 
> 1) Do not *send* (this means a new message; I am not referring to
> rejecting the email in the original SMTP conversation [that should be
> your goal]) NDR's to anyone outside of your domain/organization
> 2) Do not accept email sent to recipients that do not exist!
> 3) Do not send email to spammers
> 
> > It seems as though I stopped making changes like that about the same
> > time I stopped eating pills found on the ground...just to see what
> > they'd do to me :)
> >
> > > Please don't beat me up on this one <
> 
> Google: email backscatter
> 
> ...D
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
>

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2006