On Fri, Aug 22, 2003 at 08:33:58AM -0400, Bill Moran wrote: > Sobig uses it's own SMTP engine, so it doesn't use your mail > relay, so it bypasses qmail-scanner. You can prevent it from > coming _in_, but not from going out, with qmail-scanner.
You can stop that if you do transparent proxying of SMTP traffic at your edge. I've done that with Ciscos and Linux iptables - works great. i.e. You can "allow" outgoing SMTP traffic from your LAN - but what actually happens is all outgoing SMTP connections get remapped onto your Q-S servers. Please don't ask me how to do that - that's not a 5-sec task and touches upon several aspects of your IS infrastructure. Of course, I'm always available as a consultant... ;-) -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
