Firewall: Add Services SSMTP and submission
| Message ID | 1469448863-17224-1-git-send-email-alexander.marx@ipfire.org |
|---|---|
| State | Superseded |
| Delegated to: | Michael Tremer |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (hedwig.ipfire.org [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id 2506D60C16 for <patchwork@ipfire.org>; Mon, 25 Jul 2016 14:14:38 +0200 (CEST) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 3BCAEC44; Mon, 25 Jul 2016 14:14:30 +0200 (CEST) Received: from EDV.kappeln2011.lan (ip1f113d5a.dynamic.kabel-deutschland.de [31.17.61.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 01404AAE; Mon, 25 Jul 2016 14:14:26 +0200 (CEST) From: Alexander Marx <alexander.marx@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] Firewall: Add Services SSMTP and submission Date: Mon, 25 Jul 2016 14:14:23 +0200 Message-Id: <1469448863-17224-1-git-send-email-alexander.marx@ipfire.org> X-Mailer: git-send-email 2.7.4 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Message
Alexander Marx
July 25, 2016, 10:14 p.m. UTC
Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>
---
config/fwhosts/customservices | 3 +++
1 file changed, 3 insertions(+)
Comments
Hi, since when is Submission using UDP (and spelled all in capitals)? I guess it is intentional that existing systems are not updated? Best, -Michael On Mon, 2016-07-25 at 14:14 +0200, Alexander Marx wrote: > Signed-off-by: Alexander Marx <alexander.marx@ipfire.org> > --- > config/fwhosts/customservices | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/config/fwhosts/customservices b/config/fwhosts/customservices > index 9b25a72..bf3a690 100644 > --- a/config/fwhosts/customservices > +++ b/config/fwhosts/customservices > @@ -32,3 +32,6 @@ > 34,DNS (TCP),53,TCP,,0 > 19,FTPS data,989,TCP,BLANK,0 > 5,SMTP,25,TCP,BLANK,0 > +35,SUBMISSION (TCP),587,TCP,BLANK,0 > +36,SUBMISSION (UDP),587,UDP,BLANK,0 > +37,SSMTP,465,TCP,BLANK,0
Changed that. I think there's no need to update existing installations. The people who are already using the system for years, would have already added the service if needed. Alex Am 26.07.2016 um 14:06 schrieb Michael Tremer: > Hi, > > since when is Submission using UDP (and spelled all in capitals)? > > I guess it is intentional that existing systems are not updated? > > Best, > -Michael > > On Mon, 2016-07-25 at 14:14 +0200, Alexander Marx wrote: >> Signed-off-by: Alexander Marx <alexander.marx@ipfire.org> >> --- >> config/fwhosts/customservices | 3 +++ >> 1 file changed, 3 insertions(+) >> >> diff --git a/config/fwhosts/customservices b/config/fwhosts/customservices >> index 9b25a72..bf3a690 100644 >> --- a/config/fwhosts/customservices >> +++ b/config/fwhosts/customservices >> @@ -32,3 +32,6 @@ >> 34,DNS (TCP),53,TCP,,0 >> 19,FTPS data,989,TCP,BLANK,0 >> 5,SMTP,25,TCP,BLANK,0 >> +35,SUBMISSION (TCP),587,TCP,BLANK,0 >> +36,SUBMISSION (UDP),587,UDP,BLANK,0 >> +37,SSMTP,465,TCP,BLANK,0
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I determined it used udp by grep'ing "submission" from /etc/services. Granted, I have absolutely NO idea why submission would ever use udp but, at least on my Debian Wheezy workstation, it shows up as 587 for both tcp and udp. That is why I included it in the original request. I did not look up the rfc (RFC4409, http://www.ietf.org/rfc/rfc4409.txt) or maybe RCH6409 (https://tools.ietf.org/html/rfc6409). My bad. Going to those I see it has absolutely no mention of udp in them. However, I did a quick search and found it mentioned other places for tcp and udp. I did find mention of udp at stackoverflow, saying "In theory SMTP can be handled by either TCP, UDP, or some 3rd party protocol." (http://stackoverflow.com/questions/16809214/is-smtp-based-on-tcp-or-udp ) and linking to various RFC's. However, I know of no servers currently that use anything other than tcp for submission. I may be wrong. I think we'd be safe to include or not include udp. It is "Legally" viable, but I'm not aware of any actual use. Rod On 07/26/2016 07:06 AM, Michael Tremer wrote: > Hi, > > since when is Submission using UDP (and spelled all in capitals)? > > I guess it is intentional that existing systems are not updated? > > Best, -Michael > > On Mon, 2016-07-25 at 14:14 +0200, Alexander Marx wrote: >> Signed-off-by: Alexander Marx <alexander.marx@ipfire.org> --- >> config/fwhosts/customservices | 3 +++ 1 file changed, 3 >> insertions(+) >> >> diff --git a/config/fwhosts/customservices >> b/config/fwhosts/customservices index 9b25a72..bf3a690 100644 --- >> a/config/fwhosts/customservices +++ >> b/config/fwhosts/customservices @@ -32,3 +32,6 @@ 34,DNS >> (TCP),53,TCP,,0 19,FTPS data,989,TCP,BLANK,0 >> 5,SMTP,25,TCP,BLANK,0 +35,SUBMISSION (TCP),587,TCP,BLANK,0 >> +36,SUBMISSION (UDP),587,UDP,BLANK,0 +37,SSMTP,465,TCP,BLANK,0 - -- Rod Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 214.827.2170 http://www.dailydata.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAleZEokACgkQuVY3UpYMlTT8pQCeNkb++FXhUhVfrqp/+KI5RwGm 52UAnRkSdVrBYzZMiJkm0VOtclKwmcwy =345V -----END PGP SIGNATURE-----