From: marc van hoof (mvh@marcvanhoof.com)
Date: Mon Nov 15 2004 - 01:50:29 GMT-3
oh, and to answer the question, i would probably go with:
deny tcp any eq smtp any
given that you have to look at the terms "server" and "client" from the
perspective of the transaction, rather than the functions of the
hardware...
in a traditional transaction, a client will be the originator of a
session, and the server will be the recipient...
so PC 1 creates a tcp connection from some random source port to another
computer on port 25... in this transaction, i'd interpret that as the
"server"
to block the return traffic, you need to stop it flowing from the "server"
on port 25 to the client's variable port, hence it must be unspecified in
the acl.
the definition of "server" and "client" are something you could probably
ask the proctor though - just to clarify your understanding of the
question. "proctor - should we assume that the client is the originator of
the connection - i'm a bit confused because smtp is often used between
mail servers"...
-marc (#13832)
On Sun, 14 Nov 2004, ccie2be wrote:
> John,
>
> I don't know the answer for sure. But, in the lab, if something like that
> comes and the wording of the task didn't forbid it, what I would do is use
> both. You don't lose points for extra config commands which aren't needed as
> long as the extra commands don't break or violate anything else.
>
> If one of those entries is the right entry but you don't know which one and
> just guess, you've got a 50% chance of being right. If you put in both
> entries and the wrong entry does no harm, you've increased your odds to 100%.
>
> FYI, smtp is usually not used between a server and a client. Usually, it's
> something like pop, (or imap?).
>
> HTH, Tim
> ----- Original Message -----
> From: "John Matus" <jmatus@pacbell.net>
> To: "lab" <ccielab@groupstudy.com>
> Sent: Sunday, November 14, 2004 10:09 PM
> Subject: smtp flow
>
>
>> if you are writing an acl that is denying a smtp flow from a server to a
>> client would it be:
>>
>> deny tcp any eq smtp any?..........(or deny tcp any any eq smtp)?
>>
>>
>> Regards,
>>
>> John D. Matus
>> MCSE, CCNP
>> Office: 818-782-2061
>> Cell: 818-430-8372
>> jmatus@pacbell.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:45 GMT-3
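
Added example (not part of the original thread): a small Python model of how the two candidate entries match the two directions of one SMTP session. It only understands `any` addresses and the `eq` port operator; the addresses and the ephemeral port 34567 are constructed sample values.

```python
from dataclasses import dataclass

PORT_NAMES = {"smtp": 25}  # the only keyword this sketch needs

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def parse_ace(line):
    """Parse '<action> tcp any [eq P] any [eq P]' into (action, sport, dport)."""
    tok = line.split()
    if len(tok) < 4 or tok[1] != "tcp":
        raise ValueError("only 'tcp' entries are modelled")
    i, ports = 2, []
    for _ in range(2):                      # source spec, then destination spec
        if i >= len(tok) or tok[i] != "any":
            raise ValueError("only 'any' addresses are modelled")
        i += 1
        if i + 1 < len(tok) and tok[i] == "eq":
            name = tok[i + 1]
            ports.append(PORT_NAMES[name] if name in PORT_NAMES else int(name))
            i += 2
        else:
            ports.append(None)              # no port given: any port matches
    if i != len(tok):
        raise ValueError("unexpected trailing tokens")
    return tok[0], ports[0], ports[1]

def matches(ace, pkt):
    _, sport, dport = ace
    return (sport is None or pkt.sport == sport) and \
           (dport is None or pkt.dport == dport)

def directions_matched(line, session):
    """Return the labels of the session packets that the entry matches."""
    ace = parse_ace(line)
    return [label for label, pkt in session if matches(ace, pkt)]

# Constructed session: the client opens a connection to port 25, the server replies.
SESSION = [
    ("client->server", Packet("10.0.0.10", 34567, "10.0.0.25", 25)),
    ("server->client", Packet("10.0.0.25", 25, "10.0.0.10", 34567)),
]

if __name__ == "__main__":
    for entry in ("deny tcp any eq smtp any", "deny tcp any any eq smtp"):
        print(entry, "->", directions_matched(entry, SESSION))
```
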