GroupStudy.com GroupStudy.com - A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
Re: smtp flow posted 11/15/2004
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]


Which lab?  task?

----- Original Message ----- 
From: "John Matus" <jmatus@xxxxxxxxxxx>
To: "marc van hoof" <mvh@xxxxxxxxxxxxxxx>; "ccie2be" <ccie2be@xxxxxxxxxx>
Cc: "lab" <ccielab@xxxxxxxxxxxxxx>
Sent: Monday, November 15, 2004 1:29 AM
Subject: Re: smtp flow


> yes, that was my initial thinking, however internetwork experts had it
> ass-backwards in their solution guide and i just wanted to make sure i was
> correct <and they had a typo>
>
>
> Regards,
>
> John D. Matus
> MCSE, CCNP
> Office: 818-782-2061
> Cell: 818-430-8372
> jmatus@xxxxxxxxxxx
> ----- Original Message ----- 
> From: "marc van hoof" <mvh@xxxxxxxxxxxxxxx>
> To: "ccie2be" <ccie2be@xxxxxxxxxx>
> Cc: "John Matus" <jmatus@xxxxxxxxxxx>; "lab" <ccielab@xxxxxxxxxxxxxx>
> Sent: Sunday, November 14, 2004 8:50 PM
> Subject: Re: smtp flow
>
>
> > oh, and to answer the question, i would probably go with:
> >
> > deny tcp any eq smtp any
> >
> > given that you have to look at the terms "server" and "client" from the
> > perspective of the transaction, rather than the functions of the
> > hardware...
> >
> > in a traditional transaction, a client will be the originator of a
> > session, and the server will be the recipient...
> >
> > so PC 1 creates a tcp connection from some random source port to another
> > computer on port 25... in this transaction, i'd interpret that as the
> > "server"
> >
> > to block the return traffic, you need to stop it flowing from the
"server"
> > on port 25 to the client's variable port, hence it must be unspecified
in
> > the acl.
> >
> > the definition of "server" and "client" are something you could probably
> > ask the proctor though - just to clarify your understanding of the
> > question. "proctor - should we assume that the client is the originator
of
> > the connection - i'm a bit confused because smtp is often used between
> > mail servers"...
> >
> > -marc (#13832)
> >
> > On Sun, 14 Nov 2004, ccie2be wrote:
> >
> >> John,
> >>
> >> I don't know the answer for sure.  But, in the lab, if something like
> >> that
> >> comes and the wording of the task didn't forbid it, what I would do is
> >> use
> >> both.  Youdon't lose points for extra config commands which aren't
needed
> >> as
> >> long as the extra commands don't break or violate anything else.
> >>
> >> If one of those entries is the right entry but you don't know which one
> >> and
> >> just guess, you've got a 50% chance of being right.  If you put in both
> >> entries and the wrong entry does no harm, you've increase your odds to
> >> 100%.
> >>
> >> FYI, smtp is usually not used between a server and a client.  Usually,
> >> it's
> >> something like pop, (or imap?).
> >>
> >> HTH, Tim
> >> ----- Original Message -----
> >> From: "John Matus" <jmatus@xxxxxxxxxxx>
> >> To: "lab" <ccielab@xxxxxxxxxxxxxx>
> >> Sent: Sunday, November 14, 2004 10:09 PM
> >> Subject: smtp flow
> >>
> >>
> >>> if you are writing an acl that is denying a smpt flow from a server to
a
> >>> client would it be:
> >>>
> >>> deny tcp any eq smtp any?..........(or deny tcp any any eq smtp)?
> >>>
> >>>
> >>> Regards,
> >>>
> >>> John D. Matus
> >>> MCSE, CCNP
> >>> Office: 818-782-2061
> >>> Cell: 818-430-8372
> >>> jmatus@xxxxxxxxxxx
> >>>
> >>>
_______________________________________________________________________
> >>> Subscription information may be found at:
> >>> http://www.groupstudy.com/list/CCIELab.html
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html