On 30/03/03 12:31 +0200, Joost Ernest wrote: > I have a question regarding to "open proxy". We are using Domino server > as our mail server in a w2k server environment. A week ago we started to > receive a-mail from a Dutch ISP dat our mailserver has been listed in an > Open Proxy Database. As a result of this we can't send e-mail at all... You have an open proxy on your network. Possibly ISA? Have the proxy accept requests *only* from your ip block. With squid (http://www.squid-cache.org), I would do: acl mylan src 192.168.1.0/24 #This is the netblock for my local LAN http_access allow mylan #Permit my LAN users to use squid http_access deny all #Deny everyone
> I have started to block some ports explicitly (135, 139, 443, 1080, > etc..) I also read some articles about this subject in which was written First rule of firewalling: Block everything, Open as needed. > that i should use Authentication for every user that wants tos end > E-mail. I know how to configure this in Exchange but i don't know how i > can arrange this with Domino server. You need to authenticate on the basis of IP addresses, or username password pairs. http://www.google.com/search?q=smtp+auth+domino HTH Devdas Bhagat ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
