Kurt Seifried

How not to post log information, or why I shred every piece of paper I touch

So this thread just came to my attention: http://comments.gmane.org/gmane.mail.postfix.user/227441

I use postfix2.5.5 rpm to run postfix as relay server
since from last many day my application team of SAP software started complaining for the smtp email failuer
pls find the below longs
++++++++++++++++++++++++++++++++++++++++++++

Email 1

Feb  6 10:41:22 D1SNX682RL postfix/smtpd[3693]: connect from unknown[155.14.132.36]
Feb  6 10:41:23 D1SNX682RL postfix/smtpd[3693]: 20C453E00C0: client=unknown[155.14.132.36]
Feb  6 10:41:23 D1SNX682RL postfix/cleanup[10313]: 20C453E00C0: warning: header Subject: RE: RE: RE: RE: RE:// FOLLOW UP // HBL SCREENSHOT //  FINAL SI & HBL // E.R FREMANTLE 087 // HIBLOW from unknown[155.14.132.36]; from=<MANILA_DOCS <at> APL.COM> to=<crm_email_archive_apl <at> apl.com> proto=ESMTP helo=<nol.com.sg>
Feb  6 10:41:23 D1SNX682RL postfix/cleanup[10313]: 20C453E00C0: message-id=<ADR37000000104995 <at> nol.com.sg>
Feb  6 10:44:27 D1SNX682RL postfix/smtpd[3693]: lost connection after DATA (437492 bytes) from unknown[155.14.132.36]
Feb  6 10:44:27 D1SNX682RL postfix/smtpd[3693]: disconnect from unknown[155.14.132.36]

Followed by:

please at least remove from this site , there is security audit going on in my organisation i dont want to maintain this thread , please remove this .

Whoops. You may have noticed in my previous posting “Fedora 16 and Red Hat on EC2 with Sendmail using SMART_HOST with authentication” I took the time to sanitize all the IPs and hostnames presented in the examples. It was a bit of a chorse (running search and replace is simple, but reading the results three times to ensure nothing was missed is tedious), but it’s worth it. Would the information aid an attacker? A little bit. There are other ways to find this out as well (error messages from servers, etc.).

But the reason I do it is simple: if you ALWAYS sanitize information then you won’t run into a situation where you decided not to sanitize the information and later turned out to be wrong. This is exactly why I shred every single piece of paper I touch before throwing it out. Do I need to shred the envelopes my bills come in? They have no personal information/etc., they could conceivably be used to determine which banks/companies I deal with, and how much I deal with them, but I’m not overly worried about that (anyone taking the time to go through all my trash can find this out other ways). No the reason I shred everything, including envelopes is so that I never have to worry about throwing something away sensitive. Also I don’t have to spend any time/effort deciding if something needs shredding or not, it all automatically goes into a pile, and when I’m bored I feed the shredder (I actually find it oddly fun…).