internal ip address
Hugo van der Kooij
hvdkooij at vanderkooij.org
Wed Feb 6 18:37:46 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Denis Beauchemin wrote:
| alexbo at myself.com a écrit :
|> Hi there,
|> my Linux server has MailScanner v4.65.3 with postfix v2.1.5
|> When, for example, I send a message from a pc whose internal ip
|> address is 10.0.0.175 taking a look in the headers of outgoing mail
|> I've seen the last header just before Message-ID to appear like that
|>
|> Received: from [10.0.0.175] (pc1 [10.0.0.175])
|> by smtp.vvv.net (Postfix) with ESMTP id 6EBF7A75C7
|> for <aaa at mail.com>; Tue, 5 Feb 2008 14:16:09 +0100 (CET)
|>
|> Why the ip address of the sender is shown (twice) in square brackets ?
|>
|> My task is avoiding the outer world to know the internal ip of the
|> sender...
|
| Alex,
|
| The IP addresses you use are non-routable. That means nobody can access
| your computers from the internet because no router will allow them. So
| don't worry about the whole world knowing about your internal IP
addresses.
Those were my thoughts exactly.
However a lot of auditors will make remarks on this in their report and
note it as information disclosures. Some of them might actually mark
them as critical issues that MUST be resolved.
Ain't this a funny world?
Hugo.
- --
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
A: Yes.
>Q: Are you sure?
>>A: Because it reverses the logical flow of conversation.
>>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHqf55BvzDRVjxmYERAtxEAJ9TYUyqQqi5rs3+Re69ltNzqSt0HACdFa2S
dDltFJS3gd82ekcyKQ0DloE=
=0WqL
-----END PGP SIGNATURE-----
More information about the MailScanner
mailing list