I am sure that would work, but as you know the more port 587 is published, it will be hit also... We are looking into doing this as well. We just put an IMGate server in front of our Barracuda we have and have it filtering using just a few tests and recipient verification and it dropped our load on the barracuda by 300%! We were seeing around 400k email a day on the cuda and IMGate reduced it to under 100k day.
Thanks, Grant Griffith Web Application Developer Enhanced Telecommunications http://www.etczone.com 812-932-1000 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Hitchcock Sent: Thursday, October 26, 2006 3:05 PM To: [email protected] Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW I'm hoping that having my IMGate servers as the published MX servers instead of my iMail server reduces the exposure to this attack. I do have the iMail server open for incoming SMTP, but it is known only to customers. Port scanning would find it, obviously. Perhaps blocking port 25 at the outside firewall and using only the alternate port 587 would help. Does anyone know if the current scans are hitting only port 25? Jeff Hitchcock - [EMAIL PROTECTED] ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robbie Pardue Sent: Thursday, October 26, 2006 2:41 PM To: [email protected] Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW I'm not sure how a firewall could help in this instance (if someone can enlighten me you would have my gratitude). As SMTP needs to be opened to the world in order for imail to receive mail, a firewall has simply to allow it (I think) or there is no mail, and that's that. Mark Pipkin <[EMAIL PROTECTED]> wrote: So those that have been effected by this are they behind a SMTP firewall and still get hit or are these servers SMTP live to the internet? ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Korey Verlsteffen Sent: Thursday, October 26, 2006 11:35 AM To: [email protected] Subject: [IMail Forum] SMTP Exploit Scanning Going on NOW Heads up everyone. My IDS systems are reporting heavy scanning for the IMail SMTP exploit. http://www.juniper.net/security/auto/vulnerabilities/vuln3414.html Sincerely, Korey Verlsteffen Network Administrator WebStream Internet Solutions [EMAIL PROTECTED] http://www.webstream.net To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
