> You might also ask yourself whether you expect to get any legitimate
> non-auth mail from your domain addresses via your MX hosts on port 25.
> We see a lot of spam coming in to our MX hosts using valid internal mail
> addresses as the sender address. The reality though (for us at least)
> is that we have no reason to see this type of traffic.

Our gateways sit in a DMZ, which limits the IP addresses (via firewalls) to only those other handful of machines on the same segment within the DMZ, and a single internal SMTP routing system (which then domain-routes to the appropriate Exchange servers for inbound, and is the wildcard-mx host for internally generated mail heading outbound). So our range of IPs from which mail from my domains should be generated is known, and fairly small.

Any remote users all VPN in to the internal network, thus all their email is sent and received to/from the clients, via internal connections via the Exchange servers and my internal routing host. All other traffic touching my gateways is coming "from the Internet".

_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
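
The policy described in the message above, sketched as a MIMEDefang `filter_sender` check. This is an added example, not part of the original post or the poster's filter. The domain list and trusted networks are constructed placeholders, and it assumes, as the post describes, that no legitimate unauthenticated mail for the local domains arrives from outside the listed addresses.

```perl
#!/usr/bin/perl
# Added example: reject envelope senders in our own domains unless the
# connecting relay is one of the few hosts allowed to originate that mail.
use strict;
use warnings;
use Socket qw(inet_aton);

# Assumed values: replace with your own domains and DMZ / routing-host ranges.
my %LOCAL_DOMAINS = map { $_ => 1 } qw(example.com example.org);
my @TRUSTED_NETS  = qw(192.0.2.0/28 10.20.30.40/32);

# True if $ip (dotted-quad IPv4) falls inside any trusted CIDR block.
sub ip_is_trusted {
    my ($ip) = @_;
    # Accept only literal IPv4 so inet_aton never performs a DNS lookup.
    return 0 unless defined $ip && $ip =~ /^\d{1,3}(?:\.\d{1,3}){3}$/;
    my $packed = inet_aton($ip) or return 0;
    my $addr = unpack('N', $packed);
    for my $net (@TRUSTED_NETS) {
        my ($base, $bits) = split m{/}, $net;
        my $mask = $bits ? (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF : 0;
        return 1 if ($addr & $mask) == (unpack('N', inet_aton($base)) & $mask);
    }
    return 0;
}

# MIMEDefang calls this with the envelope sender and the relay's address.
sub filter_sender {
    my ($sender, $ip, $hostname, $helo) = @_;
    my ($domain) = lc($sender) =~ /\@([^\@>\s]+)>?\s*$/;
    # Null sender (bounces) and foreign domains are not this check's concern.
    return ('CONTINUE', 'ok') unless defined $domain && $LOCAL_DOMAINS{$domain};
    return ('CONTINUE', 'ok') if ip_is_trusted($ip);
    return ('REJECT', "Sender domain $domain is not accepted from $ip");
}

# Constructed sample connections: [envelope sender, relay IP].
# Remove this loop when placing the subs in a real mimedefang-filter.
for my $case (['<alice@example.com>',  '192.0.2.5'],
              ['<alice@example.com>',  '203.0.113.77'],
              ['<bob@elsewhere.test>', '203.0.113.77'],
              ['<>',                   '203.0.113.77']) {
    my ($action, $msg) = filter_sender(@$case, 'unknown', 'helo.invalid');
    printf "%-22s %-14s => %s (%s)\n", @$case, $action, $msg;
}
```

This checks only the envelope sender (MAIL FROM); a forged header From with a foreign envelope sender passes through it and needs a separate header check.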

