I wouldn't even think of using a router for this purpose unless you are only using smtp mail between your own sites and don't want outside email f/ anywhere. We run spamassasin (www.spamassasin.org) on our mail server and it cuts out 80-90% of our SPAM.
Kevin Hunt CCNP, MCSE, MCT, Linux+ SME ----- Original Message ----- From: "Marty Adkins" To: Sent: Wednesday, July 17, 2002 8:01 AM Subject: Re: blocking spam with cisco routers [7:48971] > GEORGE wrote: > > > > Hi all I have a question ,I configured my e-mail server to only accept > > local e-mail, and deny other relay , however im still vulnerable to > > spam. My question is how do the ips block other e-mail going to their > > smtp > > Do they do it by access-list? Allowing only the local network with port > > 25? > > Or just the e-mail server? > > If cisco routers have to be involved does anyone have some links. Im > > behind a pix and would like to allow only my network to use smtp. > > Network layer filtering can't really do much to prevent relaying; it > has to be done in the SMTP application. The techniques that I'm > familiar with include: > 1) Disallow mail sent to non-local (different domain) addresses unless > the SMTP source is within the local domain, as resolved in a reverse DNS. > This is simple but prevents one from sourcing mail while traveling, > using a different ISP, at work, etc. > 2) Same as #1 but require U/P authentication for outgoing mail. > 3) Same as #1 but indirectly authenticate by correlating an outgoing > mail connection with a "recent" successful POP3 fetch, which naturally > requires a U/P. My DSL ISP, Speakeasy, does this and it works quite > well. If you attempt outbound mail without having done a POP fetch > in the last several minutes, an error message tells you that you must > do that first. > > And BTW, none of these reduce spam, only the relaying of it! > > Marty Adkins Email: [EMAIL PROTECTED] > Chesapeake NetCraftsmen, LLC o:410.757.3050, > p:[EMAIL PROTECTED] > 1290 Bay Dale Drive, Suite 312 http://www.netcraftsmen.NET > Arnold, MD 21012-2325 Cisco CCIE #1289 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49040&t=48971 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]