Preventing VAX running VMS / Multinet from being used as SMTP relay

Tomasz Rola rtomek at ceti.pl
Wed Dec 6 09:26:52 CST 2017


On Sun, Dec 03, 2017 at 09:32:35PM -0500, Pete Rittwage via cctech wrote:
[...]
> 
> You should never use one-to-one NAT like that. You should only forward the
> ports you need from the firewall to your server. In this case, I assume
> you only need tcp/23 for telnet from the outside?

Just in case: myself, I would rather ssh to firewall, and only from
there telnet to VAX. Unless all your computers behind firewall are
only for fun and you are ok to have any kind of stuff installed there
from anywhere in a world. Some could say to this that VMS is hard to
get in because ... (fill in your preferred reaason) ... , and I would
answer that one more fence does not hurt, whereas one less might.

-- 
Regards,
Tomasz Rola

--
** A C programmer asked whether computer had Buddha's nature.      **
** As the answer, master did "rm -rif" on the programmer's home    **
** directory. And then the C programmer became enlightened...      **
**                                                                 **
** Tomasz Rola          mailto:tomasz_rola at bigfoot.com             **


More information about the cctalk mailing list