In message <20050913212312.GM16110@core.center.osis.gov>, Joseph S D Yao writes:
On Tue, Sep 13, 2005 at 04:56:58PM -0400, Joseph S D Yao wrote:
On Tue, Sep 13, 2005 at 04:28:41PM -0400, Steven M. Bellovin wrote: ...
Telnet options, and for that matter speed, happen after the 3-way handshake. We're not getting that far.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Steve, I defer to your expertise, as always. ;-]
Nevertheless ... I went looking for comments on how this was being done, and found the following speculation by a small number of different people.
"SEF [is] unique in that it can detect what appear to be telnet connections to Port 25 and drop the connection. This is probably because telnet connections send one character at a time whereas real SMTP clients send all the strings at once."
This would not require the 3WH, ISTM.
Sure it would -- until the 3-way handshake, there's no application data flowing, and hence no characters being sent one at a time. We'll leave to another mailing list the question of what security benefit there is to such a feature...
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
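
Added example, not part of the original messages: a minimal model of the character-at-a-time heuristic speculated about in the quoted text, run over constructed segment traces, to show that no verdict is possible until client payload arrives after the 3-way handshake. The trace format, the `min_keystrokes` threshold and the function name are assumptions for illustration and are not SEF's actual logic.

```python
# Constructed sample traces: (direction, TCP flags, payload).
# "C" = client to server, "S" = server to client.
HANDSHAKE = [("C", "SYN", b""), ("S", "SYN-ACK", b""), ("C", "ACK", b"")]
BANNER = [("S", "PSH-ACK", b"220 mail.example ESMTP\r\n")]

# A person typing into telnet in character mode: one byte per segment.
TYPED = (HANDSHAKE + BANNER
         + [("C", "PSH-ACK", bytes([b])) for b in b"HELO x"]
         + [("C", "PSH-ACK", b"\r\n")])
# A mail client: the whole command line in one segment.
MTA = HANDSHAKE + BANNER + [("C", "PSH-ACK", b"EHLO client.example\r\n")]
# A connection that never gets past the first SYN.
SYN_ONLY = [("C", "SYN", b"")]


def classify(trace, min_keystrokes=3):
    """Return (verdict, index of the segment at which it was reached).

    verdict is "typed", "bulk" or "undecided". Only client payload seen
    after the handshake is considered, because none exists before it.
    """
    stage = 0        # 0: want SYN, 1: want SYN-ACK, 2: want ACK, 3: established
    single_bytes = 0
    for i, (direction, flags, payload) in enumerate(trace):
        if stage < 3:
            expected = [("C", "SYN"), ("S", "SYN-ACK"), ("C", "ACK")][stage]
            if (direction, flags) == expected and not payload:
                stage += 1
            continue
        if direction != "C" or not payload:
            continue
        if len(payload) == 1:
            single_bytes += 1
            if single_bytes >= min_keystrokes:
                return ("typed", i)
        elif len(payload) > 2 and payload.endswith(b"\r\n"):
            return ("bulk", i)
    return ("undecided", None)


if __name__ == "__main__":
    for name, trace in (("typed", TYPED), ("mta", MTA), ("syn-only", SYN_ONLY)):
        print(name, classify(trace))
```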