[65565] in North American Network Operators' Group


Re: SPAM from own customers

daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Tue Dec 2 14:24:18 2003

Date: Tue, 02 Dec 2003 14:23:40 -0500
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: Michel Renfer <michel.renfer@lan.ch>
Cc: nanog@merit.edu
In-Reply-To: <6B9C450B9E067A4DB1483B5C4147E814433811@hermes.lan.intra>
Errors-To: owner-nanog-outgoing@merit.edu


Michel Renfer writes on 12/2/2003 12:50 PM:

> How will you deal with the problem that one user can flood your
> SMTP Server with thousands of emails within 10-20 minutes?

Virus filtering

Rate limit (+ script to auto terminate user) and smtp auth on outbounds

Separate inbound and outbound smtp relay. Don't let your inbound MX 
relay for your dialup pool (some trojans take the rDNS name / hostname 
of the infected box and do nslookup -q=mx domainname)

Ask AOL for an scomp@aol.net feed - a lot of these trojan spams seem to 
target AOL users.

etc

-- 
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
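
The "rate limit (+ script to auto terminate user)" suggestion above, sketched as an added example that is not part of the original post or any Outblaze tooling: a sliding-window counter over per-user outbound recipient counts that reports which authenticated user to suspend. The log format, the 10-minute window, the 200-recipient budget and all names are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # assumed window, sized to the 10-20 minute flood in the question
MAX_RCPTS = 200                  # assumed per-user recipient budget per window

def parse(line):
    """Constructed log format: '<ISO timestamp> user=<auth user> nrcpt=<n>'."""
    ts, user, nrcpt = line.split()
    return datetime.fromisoformat(ts), user.split("=", 1)[1], int(nrcpt.split("=", 1)[1])

def find_flooders(lines, window=WINDOW, max_rcpts=MAX_RCPTS):
    """Return {user: time the budget was first exceeded}; lines must be in time order."""
    recent = defaultdict(deque)   # user -> (timestamp, nrcpt) entries still inside the window
    totals = defaultdict(int)     # user -> recipients currently inside the window
    flagged = {}
    for line in lines:
        ts, user, nrcpt = parse(line)
        if user in flagged:
            continue              # already handed off; a real hook would reject the mail here
        q = recent[user]
        q.append((ts, nrcpt))
        totals[user] += nrcpt
        while q and ts - q[0][0] > window:
            totals[user] -= q.popleft()[1]   # expire entries older than the window
        if totals[user] > max_rcpts:
            flagged[user] = ts    # point at which the suspension script would be triggered
    return flagged

def sample_log():
    """Constructed sample: alice sends normally, bob bursts 50 recipients every 30 s."""
    start = datetime(2003, 12, 2, 12, 0, 0)
    lines = [f"{(start + timedelta(minutes=15 * i)).isoformat()} user=alice nrcpt=3" for i in range(4)]
    lines += [f"{(start + timedelta(seconds=30 * i)).isoformat()} user=bob nrcpt=50" for i in range(10)]
    return sorted(lines)

if __name__ == "__main__":
    for user, when in find_flooders(sample_log()).items():
        print(f"suspend {user}: exceeded {MAX_RCPTS} recipients per {WINDOW} at {when}")
```

Keying the counter on the SMTP AUTH identity rather than the source IP is what lets the suspension follow the account across dialup sessions.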
