Re: A question on smtp service with LVS

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Re: A question on smtp service with LVS
From:	".::. Viperman .::." <viperman77@xxxxxxx>
Date:	Wed, 05 Nov 2003 01:14:12 -0200

You assumed it rt. The RIP appears in the received lines of messages sent bymy smtp server which is the real server.

It makes sense what you said.
What I just don't understand is my VIP appears nowhere in the message
headers, but the RIP appears.
I was expecting as usual, the realserver would spoof its address as it does
on http and dns.
I will take a try on hackign the MTA like you said. Btw, any clue or url on
how to do that would be of a great help.

Thanks.

From: Horms <horms@xxxxxxxxxxxx>
Reply-To: "LinuxVirtualServer.org users mailing list."<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>To: "LinuxVirtualServer.org users mailing list."<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: A question on smtp service with LVS
Date: Wed, 5 Nov 2003 11:01:17 +0900

On Tue, Nov 04, 2003 at 11:28:04PM -0200, .::. Viperman .::. wrote:
> Hello Everyone,
>
> I'm successfully running LVS with TUN with servers in different networksand
> different countries.
> Everything is great since I can balance my load and keep all sites upall> the time and at the same time I hide my real servers ips so nobodyattack
> them. Thats great.
>
> My question is: I'm successfully running LVS on http, ftp, dns andnearly
> everything. Now when I tried to do the same to smpt protocol, I got a
> surprise. On the same server I have LVS with TUN running just fine forboth
> http and dns, and I do the same for smtp (port 25), my real server ip
> appears on all messages, revealing the real server ip, so this is a
> potential brench for an attacker.

I assume that you mean that the RIP appears in the recieved
lines of messages sent by your smtp server.

This is a bit hard to get around as that like is put
there by machines that recieve the message. So they will
put in whatever address the message was recieved from.

Alternatively, if you are talking of something tha is added
by your mail server, then just reconfigure/hack the MTA.

--
Horms
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users


_________________________________________________________________

Frustrated with dial-up? Get high-speed for as low as $26.95.https://broadband.msn.com (Prices may vary by service area.)

<Prev in Thread]	Current Thread	[Next in Thread>
A question on smtp service with LVS, .::. Viperman .::. Re: A question on smtp service with LVS, Horms Re: A question on smtp service with LVS, .::. Viperman .::. <= Re: A question on smtp service with LVS, Horms Re: A question on smtp service with LVS, Joseph Mack

Previous by Date:	Re: RedHat End-of-Life/Ultramonkey, John Cronin
Next by Date:	RE: LVS-Nat vs DR, Andrew Swaine
Previous by Thread:	Re: A question on smtp service with LVS, Horms
Next by Thread:	Re: A question on smtp service with LVS, Horms
Indexes:	[Date] [Thread] [Top] [All Lists]