GEORGE wrote:
>
> Hi all, I have a question. I configured my e-mail server to only accept
> local e-mail, and deny other relay, however I'm still vulnerable to
> spam. My question is how do the ips block other e-mail going to their
> smtp?
> Do they do it by access-list? Allowing only the local network with port
> 25?
> Or just the e-mail server?
> If Cisco routers have to be involved does anyone have some links. I'm
> behind a pix and would like to allow only my network to use smtp.

Network layer filtering can't really do much to prevent relaying; it has to be done in the SMTP application. The techniques that I'm familiar with include:

1) Disallow mail sent to non-local (different domain) addresses unless the SMTP source is within the local domain, as resolved in a reverse DNS. This is simple but prevents one from sourcing mail while traveling, using a different ISP, at work, etc.

2) Same as #1 but require U/P authentication for outgoing mail.

3) Same as #1 but indirectly authenticate by correlating an outgoing mail connection with a "recent" successful POP3 fetch, which naturally requires a U/P. My DSL ISP, Speakeasy, does this and it works quite well. If you attempt outbound mail without having done a POP fetch in the last several minutes, an error message tells you that you must do that first.

And BTW, none of these reduce spam, only the relaying of it!

Marty Adkins                     Email: [EMAIL PROTECTED]
Chesapeake NetCraftsmen, LLC     o:410.757.3050, p:[EMAIL PROTECTED]
1290 Bay Dale Drive, Suite 312   http://www.netcraftsmen.NET
Arnold, MD 21012-2325            Cisco CCIE #1289

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49018&t=48971
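
The three relay checks listed in the reply above, combined into one per-recipient decision, as an added example that is not part of the original post and not any mail server's own code. The class and method names, the `example.com` domain and the 600-second window are assumptions, and the reverse-DNS name is passed in by the caller (assumed already forward-confirmed) so the sketch runs offline.

```python
import time

class RelayPolicy:
    """Decide per RCPT TO whether this server may accept or relay the message."""

    def __init__(self, local_domains, pop_window=600, clock=time.time):
        self.local_domains = {d.lower() for d in local_domains}
        self.pop_window = pop_window      # seconds a POP3 login stays "recent" (assumed)
        self.clock = clock                # injectable so expiry can be tested
        self._pop_seen = {}               # client IP -> time of last good POP3 login

    def record_pop_login(self, client_ip):
        """Called by the POP3 service after a successful username/password login."""
        self._pop_seen[client_ip] = self.clock()

    def _source_is_local(self, ptr_name):
        # Match on a label boundary so "evilexample.com" does not pass for
        # "example.com". Assumes the caller forward-confirmed the PTR name.
        host = (ptr_name or "").lower().rstrip(".")
        return any(host == d or host.endswith("." + d) for d in self.local_domains)

    def _recent_pop(self, client_ip):
        seen = self._pop_seen.get(client_ip)
        if seen is None:
            return False
        if self.clock() - seen > self.pop_window:
            del self._pop_seen[client_ip]     # expire the stale authorization
            return False
        return True

    def check_rcpt(self, client_ip, ptr_name, rcpt, authenticated=False):
        """Return (accept, reason) for one recipient address."""
        domain = rcpt.rsplit("@", 1)[-1].lower() if "@" in rcpt else ""
        if domain in self.local_domains:
            return True, "local-recipient"    # inbound mail, not a relay
        if self._source_is_local(ptr_name):
            return True, "local-source"       # technique 1
        if authenticated:
            return True, "smtp-auth"          # technique 2
        if self._recent_pop(client_ip):
            return True, "pop-before-smtp"    # technique 3
        return False, "relay-denied"
```

The first branch accepts mail for local recipients from any source, which is why these checks stop relaying but not inbound spam.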