Re: Possible Gauntlet DoS

John J. McMahon (mcmahon@WWSI.COM)
Thu, 24 Jul 1997 13:09:07 -0400


> Hello, I recently had a problem while testing some security strategies on
> our internal network. The problem in a nutshell was that our Gauntlet
> firewall bastion host was bouncing all mail originating from inside the
> firewall. (I'm not sure if it bounced all incoming mail or not, I
> believe that at a certain point it more than likely did).

Keep in mind that Gauntlet smap/smapd is a front end for sendmail.
It expects to send mail via SMTP to an internal mail hub, and it
is the responsibility of the internal mail hub to handle the
mail properly. What appears to occur here is the dud mail message
is redelivered to the LAN host (likely addressed
to: trashaddress@localdomain) which should then cause the message to
bounce. The bounce should go to jim@realdomain.com, which the
LAN server should drop. Instead it tries to send it back to
the Firewall. Rinse, Lather, Repeat...

I'd suggest grabbing some of the bounces and forwarding them to
gauntlet-support. They are pretty good at diagnosis and sendmail
diagnosis.

Cheers,
Fuzz
(ex-Gauntlet Support Goon)

--
John "FuzzFace" McMahon, Director of Internet Technologies
Worldwide Solutions, Inc.                             Sterling, Virginia
mailto:mcmahon@wwsi.com       +1.303.581.0800       http://www.wwsi.com/

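One way to confirm the firewall-to-hub loop described in the message above from a captured bounce, as an added example that is not part of the original post: it counts Received: hops in each direction between two hosts. The host names, the round-trip threshold and the sample bounce are constructed assumptions; only the two mail addresses come from the post.

```python
import re
from collections import Counter
from email import message_from_string

# Matches the "from X ... by Y" part of a Received: header.
RECEIVED_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)", re.I | re.S)

def hop_pairs(raw_message):
    """Return (sending_host, receiving_host) for every Received: header."""
    msg = message_from_string(raw_message)
    pairs = []
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if m:
            pairs.append((m.group(1).lower(), m.group(2).lower().rstrip(";")))
    return pairs

def detect_loop(raw_message, min_round_trips=3):
    """Return the two hosts bouncing a message between them, or None.

    A loop is flagged when the same pair of hosts has handed the message
    to each other at least min_round_trips times in both directions.
    """
    counts = Counter(hop_pairs(raw_message))
    for (src, dst), n in counts.items():
        if src != dst and n >= min_round_trips and counts[(dst, src)] >= min_round_trips:
            return tuple(sorted((src, dst)))
    return None

def build_sample(round_trips):
    """Constructed bounce for testing; host names are hypothetical."""
    stamp = "with SMTP; Thu, 24 Jul 1997 13:00:00 -0400"
    lines = []
    for _ in range(round_trips):
        lines.append(f"Received: from mailhub.localdomain by firewall.localdomain {stamp}")
        lines.append(f"Received: from firewall.localdomain by mailhub.localdomain {stamp}")
    lines += ["From: MAILER-DAEMON@localdomain", "To: jim@realdomain.com",
              "Subject: Returned mail: User unknown", "",
              "Constructed body: delivery to trashaddress@localdomain failed."]
    return "\n".join(lines)

if __name__ == "__main__":
    print(detect_loop(build_sample(4)))  # looping pair of hosts
    print(detect_loop(build_sample(1)))  # single round trip, not flagged
```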