[unisog] sendmail vulnerability / impact

Gerald N Flynn flynngn at jmu.edu
Fri Mar 7 17:40:25 GMT 2003


Robin Anderson wrote:

> So here goes:
> 
> 1) Has anyone else summarily blocked port 25 traffic (in or out) for
>    their ResNet?

We did this for the entire campus, not just RESNET, a year ago.
There are about ten exceptions for departmental mail servers.

>   b) If you HAVE blocked port 25, do you have any data to support it as a
>      good decision?  (I know it's hard to prove a negative and that "we
>      haven't been hacked, so it must be working" is sometimes the best we
>      can offer.)  Any complaints?

A few complaints at first. I'd reword the first question as:

  "If you HAVE blocked port 25, do you have any data to support
   it as a bad decision? "

In that case, I'd say "no". ;)

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe



More information about the unisog mailing list