So this thread just came to my attention: http://comments.gmane.org/gmane.mail.postfix.user/227441
Feb 6 10:41:22 D1SNX682RL postfix/smtpd: connect from unknown[18.104.22.168]
Feb 6 10:41:23 D1SNX682RL postfix/smtpd: 20C453E00C0: client=unknown[22.214.171.124]
Feb 6 10:41:23 D1SNX682RL postfix/cleanup: 20C453E00C0: warning: header Subject: RE: RE: RE: RE: RE:// FOLLOW UP // HBL SCREENSHOT // FINAL SI & HBL // E.R FREMANTLE 087 // HIBLOW from unknown[126.96.36.199]; from=<MANILA_DOCS <at> APL.COM> to=<crm_email_archive_apl <at> apl.com> proto=ESMTP helo=<nol.com.sg>
Feb 6 10:41:23 D1SNX682RL postfix/cleanup: 20C453E00C0: message-id=<ADR37000000104995 <at> nol.com.sg>
Feb 6 10:44:27 D1SNX682RL postfix/smtpd: lost connection after DATA (437492 bytes) from unknown[188.8.131.52]
Feb 6 10:44:27 D1SNX682RL postfix/smtpd: disconnect from unknown[184.108.40.206]
please at least remove from this site , there is security audit going on in my organisation i dont want to maintain this thread , please remove this .
Whoops. You may have noticed in my previous posting “Fedora 16 and Red Hat on EC2 with Sendmail using SMART_HOST with authentication” I took the time to sanitize all the IPs and hostnames presented in the examples. It was a bit of a chorse (running search and replace is simple, but reading the results three times to ensure nothing was missed is tedious), but it’s worth it. Would the information aid an attacker? A little bit. There are other ways to find this out as well (error messages from servers, etc.).
But the reason I do it is simple: if you ALWAYS sanitize information then you won’t run into a situation where you decided not to sanitize the information and later turned out to be wrong. This is exactly why I shred every single piece of paper I touch before throwing it out. Do I need to shred the envelopes my bills come in? They have no personal information/etc., they could conceivably be used to determine which banks/companies I deal with, and how much I deal with them, but I’m not overly worried about that (anyone taking the time to go through all my trash can find this out other ways). No the reason I shred everything, including envelopes is so that I never have to worry about throwing something away sensitive. Also I don’t have to spend any time/effort deciding if something needs shredding or not, it all automatically goes into a pile, and when I’m bored I feed the shredder (I actually find it oddly fun…).