Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: smtp redirection

From: Les LaCroix <Les.LaCroix () CARLETON EDU>
Date: Tue, 10 May 2005 16:43:21 -0500
We have an antispam/antivirus firewall from Barracuda Networks, with MX
records pointing to it for all of our mail domains.  All incoming mail
is passed along to a second antivirus appliance (McAfee-branded), which
catches another several dozen viruses a day.

We also have a separate smtp relay for our users' mail clients.  It
requires authentication and encryption, even from on campus, except for
a small number of known and trusted servers on campus.

In our case, separating MX and smtp relaying for clients is a
necessity.  The antispam firewall can't act as a relay: it only accepts
mail for the local domains.  Separating them was something we wanted to
do anyway.

ACLs prevent incoming smtp directly to our McAfee antivirus appliance,
mailbox hosts and other misc. destinations (e.g. listservs).  Prior to
setting up the ACLs, spammers would connect to pretty much anything that
would listen on port 25.

Les LaCroix
Associate Director of Network Services
Carleton College

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.
Previous By Date Next
Previous By Thread Next

Current thread: