Re: smtp flow

From: John Matus (jmatus@pacbell.net)
Date: Mon Nov 15 2004 - 03:29:10 GMT-3

yes, that was my initial thinking, however internetwork experts had it
ass-backwards in their solution guide and i just wanted to make sure i was
correct <and they had a typo>

Regards,

John D. Matus
MCSE, CCNP
Office: 818-782-2061
Cell: 818-430-8372
jmatus@pacbell.net
----- Original Message -----
From: "marc van hoof" <mvh@marcvanhoof.com>
To: "ccie2be" <ccie2be@nyc.rr.com>
Cc: "John Matus" <jmatus@pacbell.net>; "lab" <ccielab@groupstudy.com>
Sent: Sunday, November 14, 2004 8:50 PM
Subject: Re: smtp flow

> oh, and to answer the question, i would probably go with:
>
> deny tcp any eq smtp any
>
> given that you have to look at the terms "server" and "client" from the
> perspective of the transaction, rather than the functions of the
> hardware...
>
> in a traditional transaction, a client will be the originator of a
> session, and the server will be the recipient...
>
> so PC 1 creates a tcp connection from some random source port to another
> computer on port 25... in this transaction, i'd interpret that as the
> "server"
>
> to block the return traffic, you need to stop it flowing from the "server"
> on port 25 to the client's variable port, hence it must be unspecified in
> the acl.
>
> the definition of "server" and "client" are something you could probably
> ask the proctor though - just to clarify your understanding of the
> question. "proctor - should we assume that the client is the originator of
> the connection - i'm a bit confused because smtp is often used between
> mail servers"...
>
> -marc (#13832)
>
> On Sun, 14 Nov 2004, ccie2be wrote:
>
>> John,
>>
>> I don't know the answer for sure. But, in the lab, if something like
>> that
>> comes and the wording of the task didn't forbid it, what I would do is
>> use
>> both. Youdon't lose points for extra config commands which aren't needed
>> as
>> long as the extra commands don't break or violate anything else.
>>
>> If one of those entries is the right entry but you don't know which one
>> and
>> just guess, you've got a 50% chance of being right. If you put in both
>> entries and the wrong entry does no harm, you've increase your odds to
>> 100%.
>>
>> FYI, smtp is usually not used between a server and a client. Usually,
>> it's
>> something like pop, (or imap?).
>>
>> HTH, Tim
>> ----- Original Message -----
>> From: "John Matus" <jmatus@pacbell.net>
>> To: "lab" <ccielab@groupstudy.com>
>> Sent: Sunday, November 14, 2004 10:09 PM
>> Subject: smtp flow
>>
>>
>>> if you are writing an acl that is denying a smpt flow from a server to a
>>> client would it be:
>>>
>>> deny tcp any eq smtp any?..........(or deny tcp any any eq smtp)?
>>>
>>>
>>> Regards,
>>>
>>> John D. Matus
>>> MCSE, CCNP
>>> Office: 818-782-2061
>>> Cell: 818-430-8372
>>> jmatus@pacbell.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:45 GMT-3