smtp redirection

[John <jgarner () SFASU EDU>]

Greetings All,



We are redirecting smtp traffic inbound to some campus mail servers via MX
records in our DNS to an anti-spam appliance (Bluecat Meridius) and find
some email circumvents the appliance apparently by using DNS IP lookup for
host resolution and not using MX records to send mail to mail servers on our
campus. The vendor recommends blocking inbound port 25 to the campus mail
servers from the internet. I favor this approach. However the mail folks are
concerned that some legitimate email may be dropped this way.



For those of you who redirect email to an anti-spam device; how are you
doing this redirection and how are you dealing with the spammers who
circumvent the MX record approach?



Before changing MX records I set a route map on a router to redirect smtp
traffic to the Meridius but the IP destination headers did not have the
Meridius address so the appliance dropped the traffic. We run a public class
B and do not do NAT.



I very much appreciate your solutions, ideas, critiques and war stories.



Cheers,



John Garner

jgarner () sfasu edu

Stephen F. Austin State U


**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.