Educause Security Discussion mailing list archives
Re: smtp redirection
From: "Flagg, Martin D." <FlaggMD () HIRAM EDU>
Date: Tue, 10 May 2005 15:46:03 -0400
We have set-up a anti-spam wall and use MX records to direct traffic to it. I have not yet blocked SMTP mainly because of our POP/IMAP users that need SMTP. How has everyone dealt with this issue? Martin D. Flagg Network Engineer/Administrator Hiram College If you lend someone $20, and never see that person again, it was probably worth it. ________________________________ From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Aaron Childs Sent: Tuesday, May 10, 2005 3:43 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] smtp redirection John, We just implemented an anti-spam appliance as well (Risk Filter by Surf Control). We also redirect email using MX records however as a preventative measure (and for security reasons) I setup an access-list in our router to have all email flow through the appliance. Aaron ------------ Aaron Childs Assistant Director, Networking Westfield State College http://www.wsc.ma.edu/it/ ________________________________ From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of John Sent: Tuesday, May 10, 2005 3:32 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] smtp redirection Greetings All, We are redirecting smtp traffic inbound to some campus mail servers via MX records in our DNS to an anti-spam appliance (Bluecat Meridius) and find some email circumvents the appliance apparently by using DNS IP lookup for host resolution and not using MX records to send mail to mail servers on our campus. The vendor recommends blocking inbound port 25 to the campus mail servers from the internet. I favor this approach. However the mail folks are concerned that some legitimate email may be dropped this way. For those of you who redirect email to an anti-spam device; how are you doing this redirection and how are you dealing with the spammers who circumvent the MX record approach? Before changing MX records I set a route map on a router to redirect smtp traffic to the Meridius but the IP destination headers did not have the Meridius address so the appliance dropped the traffic. We run a public class B and do not do NAT. I very much appreciate your solutions, ideas, critiques and war stories. Cheers, John Garner jgarner () sfasu edu Stephen F. Austin State U ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- smtp redirection John (May 10)
- <Possible follow-ups>
- Re: smtp redirection Aaron Childs (May 10)
- Re: smtp redirection Flagg, Martin D. (May 10)
- Re: smtp redirection Graham Toal (May 10)
- Re: smtp redirection Graham Toal (May 10)
- Re: smtp redirection Geoff (May 10)
- Re: smtp redirection Valdis Kletnieks (May 10)
- Re: smtp redirection Valdis Kletnieks (May 10)
- Re: smtp redirection Bruce Hudson (May 10)
- Re: smtp redirection Tom Bossie (May 10)
- Re: smtp redirection Flagg, Martin D. (May 10)
- Re: smtp redirection Graham Toal (May 10)
- Re: smtp redirection Paul Russell (May 10)
(Thread continues...)