Re: Outbound spam control

[Graham Toal <gtoal () UTPA EDU>]

> -----Original Message-----
> From: Mark Borrie [mailto:mark.borrie () OTAGO AC NZ] 
> Sent: Tuesday, June 13, 2006 4:06 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Outbound spam control
>
> We have largely (totally?) avoided this issue by not allowing 
> outbound smtp, except for a few designated mailhubs.  All 
> mail servers on campus are registered with the mailhubs and 
> relay outbound email through them.
>
> All client systems/desktops send email via their host mail servers.

I think the point of the original poster's comments were that
current spambots now look in your mailer settings for your
outgoing SMTP server, and use that. (or scan your local net
until they find one).  Hence they'll bypass the port 25 block
on direct outgoing SMTP.

As you've observed it is currently a minor problem; but as with
all facets of the spam arms race, the more we lock down one
area, the more they exploit the next.

G