Re: [exim] [NEWBIE]Stop Spammers - How - Confused

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Marc Schiffbauer
Fecha:  
A: exim-users@exim.org
Asunto: Re: [exim] [NEWBIE]Stop Spammers - How - Confused
* Wakko Warner schrieb am 21.09.04 um 03:41 Uhr:
> Keep me in CC.
>
> > > If I ran an ISPs mail server, I would:
> > > 1) disallow connections to port 25 from my customers
> > > 2) have my customers use port 587 (MSA), require authentication, and only
> > >    allow the sender to be the authenticated sender (to prevent spoofing. 
> > >    NULL senders would be ok)
> > > 3) port 25 would never relay under any circumstances (that is excluding
> > >    domains that I mx for)
> > > 4) deny access to port 25 to the internet from my customers.  I would allow
> > >    this for dedicated (static IP) users so they could host their own server.
> > >    however, they would be responcible for security of their system (IE no
> > >    open relay)

> > >
> > > Ok, you may ask why I'd do #1. Simple, It would stop virus email from ever
> > > being sent out from a customer. The exception is the virus that uses the
> > > user's MUA. If the user does not store their password, no problem. #4
> > > would prevent an emailing virus from spreading (given what I stated before)
> >
> > And what about viruses having their own SMTP engine?
>
> That was the idea. It would stop those cold.
>
> if the virus can't contact any server via port 25, how will it spread via
> email with it's own engine? that's basically what 1 and 4 were for (I guess
> 3 would add to it).


Ok then you have to block port 25 at your firewall. Maybe I
misunderstood you. I thought you want to block port 25 at your MTA
server...

-Marc

-- 
****************************************************
*   (morganj): 0 is false and 1 is true, correct?  *
*   (alec_eso): 1, morganj                         *
*   (morganj): bastard.                            *