Firewall Wizards mailing list archives

Re: FWTK and smap/smapd


From: "Marcus J. Ranum" <mjr () ranum com>
Date: Thu, 18 Jul 2002 17:39:52 -0400

Paul Robertson wrote:
These days, if you're running a corporate gateway, you need *lots* of
functionality for mail (mostly for blocking and rewriting)

This is merely a side-effect of a foolish desire for backwards compatibility. If we
declared that:
"all email is in the form of user@host.domain where host is either a DNS MX
record or A record"
many rewriting woes would be eradicated. In fact, the single biggest factor
holding back security is backwards compatibility - we need a "security is addressed
in this RFC" RFC that deprecates FTP, SMTP, NNTP, HTTP, POP, IDENT, SNMP,
and, uh, all the other badly designed protocols. OK, we need a rewrite from scratch
but you've all heard me make a fool of myself ranting about that before...

mjr.
---
Marcus J. Ranum - Computer and communications Security Expertise
mjr () ranum com  (http://www.ranum.com)

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

