Educause Security Discussion mailing list archives

Re: Outbound spam control

From: Graham Toal <gtoal () UTPA EDU>
Date: Tue, 13 Jun 2006 11:59:16 -0500

What about enforcing SMTP authentication on your mail servers?


If the threat is that one of your inside machines is compromised
and being used as a spambot via your own mail server, it's just as
likely that the next variation of the bot will grab the SMTP auth
parameters from your config and still send via your server.

rate limiting on outgoing is probably the best bet; even if some
slip by at a slow rate, you're unlikely to end up in a blacklist
because of it.

content filtering on outgoing is tempting but far too likely to
produce false positives.

G

Current thread:

Outbound spam control Andy Hooper (Jun 13)
- <Possible follow-ups>
- Re: Outbound spam control Brad Judy (Jun 13)
- Re: Outbound spam control Graham Toal (Jun 13)
- Re: Outbound spam control Joe St Sauver (Jun 13)
- Re: Outbound spam control Mark Borrie (Jun 13)
- Re: Outbound spam control Graham Toal (Jun 13)
- Re: Outbound spam control Chris Edwards (Jun 14)
- Re: Outbound spam control Hoffman, Michael (Jun 14)