RE: NOOP
- From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 24 Jun 2002 14:48:04 -0500
Hi Agitated God,
Could a buffer overflow to accomplished with NOOP? I have no idea, but
maybe that's why they disabled it? Or maybe they thought that since the
command doesn't do anything, why enable it?
Good question. Wish I had some good answers.
Tom
www.isaserver.org/shinder
-----Original Message-----
From: Deus, Attonbitus [mailto:Thor@xxxxxxxxxxxxxxx]
Sent: Monday, June 24, 2002 2:03 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] NOOP
http://www.ISAserver.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings:
By default, the SMTP filter disables "NOOP," the No Operation
command. This has never been a problem for our inbound mail, AFAIK.
However, a client our ours using Exchange 5.5 has always received a
"Host
unreachable" NDR from their exchange server when mail was delivered to
us.
I cleared the logs, and immediately upon testing (when they would send
an
email) i would see the Unsafe SMTP Command event for NOOP. I enabled it
for 6 bytes (the default) and immediately got a "exceeded length" error
(their NOOP was buffered by spaces and 30 bytes). After increasing to
35
bytes (to be safe) the mail from them now delivers normally.
The question is this: Has everyone using the SMTP filter enabled
NOOP? Have you increased the size? I know of no NOOP security issues,
so
why is NOOP disabled by default? Inquiring minds want to know.
Thanks.
AD
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1
iQA/AwUBPRds54hsmyD15h5gEQKQTgCghnJWba65KH+lzAbc26zpSbDDN1oAoLJI
smnj/LT8HC64gp5oVAXAM3Gj
=5mDq
-----END PGP SIGNATURE-----
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
