[65567] in North American Network Operators' Group
Re: SPAM from own customers
daemon@ATHENA.MIT.EDU (Brian Bruns)
Tue Dec 2 14:37:13 2003
From: "Brian Bruns" <bruns@2mbit.com>
To: <nanog@merit.edu>
Date: Tue, 2 Dec 2003 14:32:16 -0500
X-SA-Exim-Mail-From: bruns@2mbit.com
Errors-To: owner-nanog-outgoing@merit.edu
----- Original Message -----
From: "Suresh Ramasubramanian" <suresh@outblaze.com>
To: "Michel Renfer" <michel.renfer@lan.ch>
Cc: <nanog@merit.edu>
Sent: Tuesday, December 02, 2003 2:23 PM
Subject: Re: SPAM from own customers
>
> Virus filtering
>
> Rate limit (+ script to auto terminate user) and smtp auth on outbounds
>
SMTP AUTH is becoming risky if its not carefully setup and monitored. I can
name one big time spammer who has warmed up to cracking weak passwords on
e-mail systems that do SMTP AUTH. Means you'd have to filter your outbound
mail servers port 25 from anyone not inside your network or a trusted
source.
Virus filtering is a must, but, alas, not all mail servers filter *outgoing*
mail. Most filter only incoming mail.
--------------------------
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The AHBL - http://www.ahbl.org
