The first best step is to set SMTP not to relay for users outside your
network. If you have users that must access your server from outside your
network, then they must authenticate to send mail, but this is not a huge
problem. Once you get this set up, it's pretty difficult for any spammers to
get past you.
As for virus attacks, you can generally add a filter to the global rules
files for your domains and catch these messages - but you must be ready to
act quickly when a new one comes out and this doesn't catch all of them. To
really battle the virus problem, you will need to invest in NAVIEG or some
other virus scanning software that puts itself between the network and your
SMTP server... it can be difficult to set up, and pricey, but once in place
I hear it's well worth the effort. We're still hoping to do this very
soon... in the mean time, we're recommending our users install a virus
protection software on their systems - which is not a bad idea in general.
Hope this helps,
_Pete
----- Original Message -----
From: Don Schreiner <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, February 06, 2000 10:36 AM
Subject: [IMail Forum] SMTP abuse and VIRUS Attacks
> Dear Imail UG Gurus,
>
> We are fairly new to Imail. Installed 5.08 a few months back for multiple
> domains and recently upgraded to 6.02. We heavily use Web Mail for these
> domains. All has been well so far! However, I am very concerned about
SMTP
> abuse and VIRUS attacks, and want to be proactive. We are behind a
firewall,
> however not really tweaked any specific settings regarding our e-mail
ports,
> etc. Any feedback from the IMail gurus is most appreciated.
>
> 1) Is there anyone or entity whereas we could obtain a list of known "IP
> addresses" who have a history of scanning and finding e-mail server SMTP
> addresses, and then using them for SPAM without permission?
>
> 2) In relation to the above question - what is the best way to configure
> IMail to defend against unauthorized users of the SMTP service? I read
that
> enabling reverse authorization DNS look-up is one way, however does this
not
> significantly reduce performance?
>
> 3) What is the best way to defend against Virus attacks attached to
e-mails?
> We run Network Associates NT Sheild on our server, which supposedly does
> scan everything coming into the server. However, I am not so sure how
well
> it does with e-mails?
>
>
> Best Regards,
>
> Don Schreiner
> - - - - - - - - - - - - - - -
> Powered by EZWEBonline.com
> Division of CompBiz, Inc.
> An Allaire Technology Partner
> 407-322-8654
> 800-408-3688
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
