It's one thing to trap mail to a known destination like the problem Kees
was having but to stop mail being sent from a machine that is allowed to
send mail, how would this work? One way is to put a STOP button on the
SME mail server, you go to a web page, log in and hit the mail sending
"STOP"/"START" button. Add a few more features and this could work.

I have been thinking about a similar problem where devices inside my
network are trying to get out and report on my activity (including M$
features and spyware, see http://grc.com/oo/spyware.htm ), you know the
appliances that call the repair man, while this might be fine for a
photocopier contract it is not for devices that handle sensitive digital
material.

I installed a new Brother laser network printer at a customer's using the
built-in setup web page. Along with the usual TCP/IP info it wanted the
gateway and the mail server address. Since the printer can be set up to
retransmit whatever is sent to it I decided that GW and SMTP would be
left blank. How many more devices will be asking for net access?

DHCP could be used to control devices with unique DHCP Client IDs and/or
MAC address control. By adding another page on the SME "Net Access" to
control who gets out or what services or where those services should go
(eg. reroute all mail sent from appliances to root)


Brian B
Daybreak Information Systems


Richard Ford wrote:
> 
> G'Day All,
> 
> I did have a development idea a few weeks back that was triggered by
> something else and this seems similar.
> 
> Sircam and similar was my trigger.  And any virus/Trojan that can act as
> self sufficient server and send out sensitive company documents or similar.
> 
> Could we develop an SME "Dead Bolt"  (Copyleft Richard Ford :) ) like for
> your house.  So that doors can't be opened from the inside.
> 
> Just an added precaution even when incoming mail servers and desktops have
> scanners - just in case something breaks.
> 
> The rules to effect the "Dead Bolt" could block all traffic on the input
> chain on the local net adapter that are coming from and/or going to specific
> target ports.  In the case of sircam, block all machines from the inside
> from sending out connection packets that go to the smtp port.
> 
> There is also a security case to be made here for making sure that
> employees don't/can't use private email at work and funnel out or funnel IN
> (as in their private email server most likely has NO virus protection)
> virus/documents.
> 
> Just a thought......
> 
> Cheers,
> RF.
>

--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
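
The "Dead Bolt" and appliance-rerouting ideas discussed in this thread, sketched as an added example that is not part of the original messages or of SME Server itself. It uses iptables FORWARD and nat rules as a stand-in for the input-chain rules mentioned; the interface name `eth0`, the MAC addresses and the function names are assumptions, and the script only prints rules without applying them.

```shell
#!/bin/sh
# Added example: prints iptables commands for an SMTP "dead bolt"; applies nothing.
# Assumptions: eth0 is the LAN-side adapter, the gateway runs its own MTA on
# port 25, and the MAC addresses below are constructed sample values.

LAN_IF="eth0"
APPLIANCE_MACS="00:80:77:aa:bb:01 00:80:77:aa:bb:02"   # constructed

# Validate a MAC address so a typo cannot produce a malformed rule.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Emit the rule set: $1 = LAN interface, remaining args = appliance MACs.
deadbolt_rules() {
    lan_if="$1"; shift
    # Appliances: capture their SMTP on the gateway's own MTA instead of
    # letting it leave the network (local delivery policy decides the rest).
    for mac in "$@"; do
        if ! valid_mac "$mac"; then
            echo "skipping invalid MAC: $mac" >&2
            continue
        fi
        echo "iptables -t nat -A PREROUTING -i $lan_if -p tcp --dport 25 -m mac --mac-source $mac -j REDIRECT --to-ports 25"
    done
    # Every other LAN host: log, then refuse direct outbound SMTP.
    # Only FORWARD is touched, so the gateway's own MTA can still send,
    # and LAN clients can still hand mail to the gateway (INPUT path).
    echo "iptables -A FORWARD -i $lan_if -p tcp --dport 25 -j LOG --log-prefix 'deadbolt-smtp: '"
    echo "iptables -A FORWARD -i $lan_if -p tcp --dport 25 -j REJECT --reject-with tcp-reset"
}

deadbolt_rules "$LAN_IF" $APPLIANCE_MACS
```

The LOG rule gives a record of which internal hosts attempted direct SMTP, which is the signal of interest for a Sircam-style mailer.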
