solution time for www/smtp hole

Marc Andreessen (marca@ncsa.uiuc.edu)
Thu, 12 Aug 93 19:13:39 -0500


OK, let's bring this thing to a close.

How about we start disallowing Gopher connections to anything other
than 70 and 71 (some Gopher servers use the latter), HTTP connections
to anything other than 80, Z39.50 and 210, and NNTP connections to
anything other than (whatever the NNTP port is), etc. -- except for
>1024, which is wide open.

Is that sufficient to make AT&T and MvH happy? Does it cause any
impact on *current* functionality?

Is it also necessary to prohibit escaping of cr/lf?

Marc