[Maybe OT] - RFC compliance checking at session
mkettler at evi-inc.com
Fri Feb 29 16:48:15 GMT 2008
> Hi All,
> I would like to illicit some opinions from you other MailScanner using
Pretty much all your opinions here are valid, except:
> and the IP does not accept return SMTP – indicating that
> it’s probably a web server and not an MTA itself.
I find that conclusion irrational. Why wouldn't it be an MTA?
Anyone large enough to have separate MX (inbound) and smarthost (outbound)
servers should *NOT* be accepting inbound SMTP connections to their smarthost
servers from the outside world. Only their internal network should be able to
SMTP to the smarthost.
There's no reason to allow it, so best practice would suggest you should close
that off at the firewall. Any legitimate mail delivery attempts will go to the
MX servers. Therefore any attempts to connect to port 25 on the SmartHost from
the outside are either hackers, scans, or random pokes and prods at parts of
your network nobody on the outside belongs in.
I think it's a pretty far jump to assume that any system that generates SMTP but
doesn't accept inbound from you can't be an MTA. It's quite possible it is an
MTA, but you're not authorized to try to queue mail there and are firewalled out.
More information about the MailScanner