Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: the importance of security

From: Rich Graves <rcgraves () BRANDEIS EDU>
Date: Wed, 11 Aug 2004 13:52:45 -0400
Wow, I'm surprised to see smtp auth being required on more than a handful
of campuses, given the poor client support (especially in embedded
devices). Hopefully the added usage will help get the client issues ironed
out soon.

We do not require smtp auth for on-campus use, but do support it for
off-campus relaying, and have other measures in place:

 * We really haven't had more than a handful of users receiving and opening
   email worms in the last year. Email server-side protection and user
   education help a lot. Yes, trojans/open proxies installed on student
   computers by other means remain a problem.

 * New sendmail 8.13 FEATURE(`greet_pause') seems to defeat open proxies
   and the smtp engines of all current worms, even if you only pause a few
   milliseconds. Of course this arms race will continue...

 * We meter and drop smtp connectivity if any ip address that isn't
   known to be an email server sends more than 150 messages per day. This
   has stopped other antisocial behavior, including "legitimate" internal
   spammers we have since moved from huge, unmaintained Eudora aliases to a
   centrally supported list server.

 * Port 25 will be blocked in dorms and in admin subnets we "know" will
   "never" have legitimate mail servers.
--
Rich Graves <rcgraves () brandeis edu>
UNet Systems Administrator

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: