[67272] in North American Network Operators' Group
Re: Stopping open proxies and open relays
daemon@ATHENA.MIT.EDU (Rubens Kuhl Jr.)
Fri Feb 6 23:53:58 2004
Reply-To: "Rubens Kuhl Jr." <rubens@email.com>
From: "Rubens Kuhl Jr." <rubens@email.com>
To: "Adi Linden" <adil@adis.on.ca>, <nanog@merit.edu>
Date: Sat, 7 Feb 2004 02:53:11 -0200
Errors-To: owner-nanog-outgoing@merit.edu
Force all SMTP outbound connections from users thru a SMTP proxy. On that
proxy, force users to do SMTP Authentication; I've heard only once of a spam
code that will use the user's configuration info or dispatch e-mail thru
them. Even if they do, you can rate-limit messages/hour, unique mail
to/hour, disable mail service after a threshold, whatever sounds a good
policy to you.
Rubens
----- Original Message -----
From: "Adi Linden" <adil@adis.on.ca>
To: <nanog@merit.edu>
Sent: Saturday, February 07, 2004 2:43 AM
Subject: Stopping open proxies and open relays
>
> I am looking for ideas to stop the spam created by compromised Windows
> PC's. This is not about the various worms and viruses replicating but
> these boxes acting as open relays or open proxies.
>
> There are valid reasons not to run antivirus software, coupled with
> clueless users, this results in machines that SPAM again just a few hours
> after having been cleaned.
>
> Adi
>
>
