Glad to know it works for you... my concerns / thoughts were: 1) there was discussion about replacing freemail with soemthing that handled freemail better (which might not work for this as freemail does) 2) if I add enough domains, this will slow things down - so I was wondering if it made sense as a global option (a la bofh) for all domains hosted
I got started on this as I had clients losing inter-company mail to spam filters... so I added whitelists, and they started getting more spam... just following the links in the chain ;-) Thanks. m/ > -----Original Message----- > From: Gerardo Gregory [mailto:[EMAIL PROTECTED] > Sent: Friday, January 23, 2004 12:38 AM > To: Mitch (WebCob) > Cc: Sam Varshavchik; [EMAIL PROTECTED] > Subject: Re: [courier-users] Re: freemail as local mail forgery test? > > > Mitch, > > Theoreticaly speaking the methadology you are using has been > deployed in network edge devices for years, and it is very sound. > A common attack awhile back called The Land attack (affecting > earlier 95/98 MS systems), was achieved by sending packets to a host, > using the host's IP address as the source and destination (this was an > attack using forged IP's). Hence the machine would respond to itself. > Network admins ussualy add a rule stating to block from <source my > netblock> to <destination my netblock> on their ingress points. > I was actualy wondering for the last few days if such was > feasible with any of the filtering oprions in Courier-MTA. I have > received numerous Spam messages from [EMAIL PROTECTED] to > [EMAIL PROTECTED] already and it has started to annoy me. > The level of Spam received at my corporate mail system is > incredible, but being in the business of customer inbound call centers, > direct mail, and data analysis caused me to end up with too much of our > own internal campaign drafts tagged as Spam when I had > SpamAssasin deployed. > What followed was a two month battle between my corporate account > managers and my drafted security policies. Eventualy politics won and > the policies where revised. I am now looing at DSPAM or other > 'Bayasian' alternatives to fix the spam issue. > I actualy deployed this on our gateway smarthost today after > reading you initial post and it has worked for me. > > Best regards, > > Gerardo > > > Mitch (WebCob) wrote: > > > > >>-----Original Message----- > >>From: [EMAIL PROTECTED] > >>[mailto:[EMAIL PROTECTED] Behalf Of Sam > >>Varshavchik > >>Sent: Thursday, January 22, 2004 3:50 PM > >>To: [EMAIL PROTECTED] > >>Subject: [courier-users] Re: freemail as local mail forgery test? > >> > >> > >>Mitch (WebCob) writes: > >> > >> > >>>Ok - any opinions on this? > >>> > >>>If I use the freemail structure to reject mail claiming to be > >> > >>from my local > >> > >>>users if they are relayed from anything other than my mx's ... > >> > >>any problem > >> > >>>with say 500 - 1000 entries like this? > >> > >>With modern, fast CPUs, shouldn't be a problem unless you're > >>handling a LOT > >>of mail. > >> > >> > > > > > > Any opinion on the concept? > > > > I think you had said something about replacing the freemail > concept with a > > better process - is there an alternative I should consider as a > better way > > to do this? > > > > Is this something you could keep in mind when you work on a better > > "freemail"? > > > > Think it's a good idea? > > > > My thought was to have a way to reject forged local senders, > allowing me to > > whitelist my local virtual domains within all the mail > filtering mechanisms > > to avoid thousands of extra individual whitelist froms, while > avoiding spam > > from me to me... if you follow my run-on sentance ;-) > > > > Thanks! > > > > m/ > > > > > > > > ------------------------------------------------------- > > The SF.Net email is sponsored by EclipseCon 2004 > > Premiere Conference on Open Tools Development and Integration > > See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. > > http://www.eclipsecon.org/osdn > > _______________________________________________ > > courier-users mailing list > > [EMAIL PROTECTED] > > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > > > > -- > Gerardo A. Gregory > Manager Network Administration and Security > ------------------------------------------------ > Affinitas - Latin for "Relationship" > Helping Businesses Acquire, Retain, and Cultivate > Customers > Visit us at http://www.affinitas.net > > ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
