>>>Daniel Bentley <[EMAIL PROTECTED]> 10/07/05 6:47 pm >>> >We're currently dealing with one of these at my work, a Barracuda 300 >box. I'll have to say, it seems to be doing an okay filtering job for >spam it receives. > >-However-, I'm not sure how other boxes do things, but there's a flaw in >how this one's applied. Namely, you give the box an IP, and change the >MX record for your domain/s to point to the spam box. That's all fine >and dandy, -IF- the sending servers are honoring and sending according >to that MX record in DNS. If they're sending to an FQDN or straight IP, >it'll go straight to the email server anyways. So it's not exactly a >complete solution, so long as your email server still has an IP and a >connection to the 'net... We can play the IP and DNS shuffle, but so >long as we have records in DNS for SPF identification, the spammers will >be able to find out what machines in our domain are e-mail servers and >we'll be right at Step 1 again, with mail circumventing the Barracuda >box completely. > >YMMV (Your Model May Vary) of course, just some hands-on I've gotten >with one of these Barracuda boxes so far... I still think a more >optimal setup would be one that's trully 'in-line' for the mail server, >comparable to a traditional firewall. When looking at getting this box, >my manager kept reassuring me that it was in-line. Riiiiight... At >least it -does- help lighten the load on the mail server. >
Daniel, it can easily be logically in-line. Disabling access to port 25 on your mail server to everything apart from the spam box and other trusted hosts/networks will stop strangers bypassing your spam box. Maybe it's something else, but from what you wrote, I can't see how it's any more complicated than that. SteveC ------------------------------------------------------- This SF.Net email is sponsored by: Power Architecture Resource Center: Free content, downloads, discussions, and more. http://solutions.newsforge.com/ibmarch.tmpl _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
