[ RFC Index | RFC Search | Usenet FAQs | Web FAQs | Documents | Cities ]
    Search the Archives
Display RFC by number
    

RFC 2645: Dear RFC authors,I would like to add to the abstract of that...

<< Back to: RFC 2645

 
Reader comments:
 

Comment by Samuel Barbaud
Submitted on 4/8/2004
Related RFC: RFC 2645
Rating: Rate this comment: Vote
Dear RFC authors,I would like to add to the abstract of that ODMR is not only usefull for servers with dynamic IP but also offer a nice security improvement preventing network intrusions via the SMTP port:In the typical secure architecture of big organisations, the SMTP servers targeted by the MX records are hosted in a DMZ and then forward the mail via an other SMTP connection to a corporate mail server (ie: Notes or Exchange). Since the firewall must allow SMTP traffic both ways between the corporate server and the DMZ server, one could use this tunnel to exploit vulnerabilities on the corporate server once the DMZ server is compromised.This will be not much possible with ODMR since the Firewall rule will prevent the compromised DMZ server to initiate the SMTP session.

 
 
FAQS.ORG makes no guarantees as to the accuracy of the posts. Each post is the personal opinion of the poster. These posts are not intended to substitute for medical, tax, legal, investment, accounting, or other professional advice. FAQS.ORG does not endorse any opinion or any product or service mentioned mentioned in these posts.

<< Back to: RFC 2645
© 2008 FAQS.ORG. All rights reserved.