Educause Security Discussion mailing list archives

Re: smtp redirection


From: "Flagg, Martin D." <FlaggMD () HIRAM EDU>
Date: Tue, 10 May 2005 15:46:03 -0400

We have set up an anti-spam wall and use MX records to direct traffic to
it.  I have not yet blocked SMTP, mainly because of our POP/IMAP users
that need SMTP.  How has everyone dealt with this issue? 
 

Martin D. Flagg 
Network Engineer/Administrator 
Hiram College 

If you lend someone $20,
and never see that person again,
it was probably worth it. 


 

________________________________

From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Aaron Childs
Sent: Tuesday, May 10, 2005 3:43 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] smtp redirection



John,

  We just implemented an anti-spam appliance as well (Risk Filter by
Surf Control).  We also redirect email using MX records; however, as a
preventative measure (and for security reasons) I set up an access list
in our router to have all email flow through the appliance.

 

Aaron

 

------------

Aaron Childs

Assistant Director, Networking

Westfield State College

http://www.wsc.ma.edu/it/

________________________________

From: The EDUCAUSE Security Discussion Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of John
Sent: Tuesday, May 10, 2005 3:32 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] smtp redirection

 

Greetings All,

 

We are redirecting smtp traffic inbound to some campus mail servers via
MX records in our DNS to an anti-spam appliance (Bluecat Meridius) and
find some email circumvents the appliance apparently by using DNS IP
lookup for host resolution and not using MX records to send mail to mail
servers on our campus. The vendor recommends blocking inbound port 25 to
the campus mail servers from the internet. I favor this approach.
However the mail folks are concerned that some legitimate email may be
dropped this way.

 

For those of you who redirect email to an anti-spam device; how are you
doing this redirection and how are you dealing with the spammers who
circumvent the MX record approach?

 

Before changing MX records I set a route map on a router to redirect
smtp traffic to the Meridius but the IP destination headers did not have
the Meridius address so the appliance dropped the traffic. We run a
public class B and do not do NAT.

 

I very much appreciate your solutions, ideas, critiques and war stories.

 

Cheers,

 

John Garner

jgarner () sfasu edu

Stephen F. Austin State U

********** Participation and subscription information for this EDUCAUSE
Discussion Group discussion list can be found at
http://www.educause.edu/groups/. **********
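
An added example, not part of the original thread or any poster's code: before blocking inbound port 25 to the campus mail servers, one way to size the bypass John describes and the legitimate-mail concern is to classify the SMTP peers in a mail server's connection log as the appliance, campus clients (such as POP/IMAP users), or external hosts connecting directly. The Postfix-style log format, the addresses (documentation ranges) and all names are constructed assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed values (documentation address ranges), not from the thread.
APPLIANCE = ipaddress.ip_address("198.51.100.10")      # anti-spam appliance (MX target)
CAMPUS_NET = ipaddress.ip_network("198.51.100.0/24")   # stand-in for the campus block

# Constructed sample in an assumed Postfix-style smtpd log format.
SAMPLE_LOG = """\
May 10 15:01:02 mail1 postfix/smtpd[2101]: connect from filter.example.edu[198.51.100.10]
May 10 15:01:09 mail1 postfix/smtpd[2102]: connect from unknown[203.0.113.77]
May 10 15:02:30 mail1 postfix/smtpd[2103]: connect from lab-pc.example.edu[198.51.100.45]
May 10 15:03:11 mail1 postfix/smtpd[2104]: connect from unknown[203.0.113.77]
May 10 15:04:50 mail1 postfix/smtpd[2105]: connect from dsl.example.net[192.0.2.200]
May 10 15:05:00 mail1 postfix/smtpd[2106]: disconnect from unknown[203.0.113.77]
May 10 15:05:20 mail1 postfix/smtpd[2107]: connect from bad[not-an-ip]
"""

# Matches only "connect from host[ip]" lines, not "disconnect from".
CONNECT_RE = re.compile(r"smtpd\[\d+\]: connect from \S*\[([^\]]+)\]")

def classify(peer):
    if peer == APPLIANCE:
        return "via_appliance"      # mail that followed the MX record
    if peer in CAMPUS_NET:
        return "campus_client"      # on-campus clients submitting mail
    return "external_direct"        # reached the server without the appliance

def summarize(log_text):
    """Return (counts per class, counts per external peer IP)."""
    classes, external = Counter(), Counter()
    for line in log_text.splitlines():
        m = CONNECT_RE.search(line)
        if not m:
            continue
        try:
            peer = ipaddress.ip_address(m.group(1))
        except ValueError:
            classes["unparsed"] += 1    # keep malformed peers visible
            continue
        kind = classify(peer)
        classes[kind] += 1
        if kind == "external_direct":
            external[str(peer)] += 1
    return classes, external

if __name__ == "__main__":
    classes, external = summarize(SAMPLE_LOG)
    print(dict(classes), external.most_common())
```

The `external_direct` peers are the sessions a border block on inbound port 25 would drop, so reviewing that list shows whether any of them are legitimate senders or off-campus users rather than spam sources.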
