[PLUG] Re: [eug-lug]Spam Filtering With Remote Access
Cooper Stevenson
cooper at cooper.stevenson.name
Fri Jul 18 11:27:01 UTC 2003
On Fri, 2003-07-18 at 11:22, Cory Petkovsek wrote:
> What is not correct?
> Are you refuting that accessing a samba share across the internet is
> insecure? Or are you saying my interpretation of your setup is not
> correct.
Your interpretation of my setup is not correct. I mean, how does one do
SMB communications through the mail client? That's a dialog box I
haven't seen yet :-). It's through IMAP. Trust me.
> You had said the system may be one system and it may not have
> a firewall. Logic leads us to believe that samba would be on a
machine
> plugged directly in to the internet.
No, it's a smbmount pointing to an NT server on the Linux box. The files
themselves are on another machin on the internal subnet. See to my
comment about adding a second NIC with routing to be doubly secure.
> Without a firewall, this is not
> secure. Without a firewall, how can you require all communications to
> occur through port 143?
Reject the traffic with IP tables. Better to have a firewall.
>
> Also port 143 is for imap without ssl, which means plain text
passwords
> having access to not only an imap server but also a file server
through
> imap and is even less secure with greater liability than using samba.
Pardon me. IMAPS, port 993. My mistake.
--
--------------------------------------------------------------
| Cooper Stevenson | Em: cooper at cooper.stevenson.name |
| Open Source Consultant | Ph: 541.924.9434 |
--------------------------------------------------------------
More information about the PLUG
mailing list