On Tue, 2010-02-16 at 13:43 -1000, Alexandre Chapellon wrote:
> Le mardi 16 février 2010 à 23:07 +0100, Karsten Bräckelmann a écrit :
> > Hmm, wait. Are you saying the bots are using your infrastructure, rather
> > than the most common direct to MX? Or are you saying your customers are
> > actively spamming themselves?
>
> If I take a look at the feedback loop i received I can see that some
> bots are sending directly to mx and somes other are sending to my
> mails relay (probably using outlook connectors or others)
Authenticated!?
Also, do you care about those sending direct to MX?
> > AFAIK bots still don't abuse MUA credentials on the infected machine to
> > authenticate against the outbound SMTP. A policy change to offer SMTP
> > only with auth and TLS in 3 months time should be easy to tell your
> > customers.
>
> I already set up SMTP-AUTH few month ago but it's not mandatory yet
> and most of my users didn't configured it yet.
This is a good time to have it mandatory in 2 months, don't you think?
Either auth, or use some external SMTP. No excuse, no mercy.
> > What blacklists are we talking about?
>
> I'd like to re-focused to my initial questions:
I'd like to get an answer to the question.
Yes, the blacklist might make a hell of a difference. And the answer to
this might even make a difference, if you really want to filter outbound
mail through SA, or if there are other alternatives.
> "does SA on outgoing smtp needs specific tweaks? Is it a good idea and
> does any body already set it up?"
Yes, it needs specific tweaks. As has been pointed out before. For
starters, you do not want any PBL style blacklists. Given the bot
infected picture of your customers you paint, you definitely don't want
any XBL style blacklists either.
Oh, and of course the yet-unnamed ones *you* are listed on... See?
Good idea? Depends. For some, yes. Someone done it before? Definitely.
Did you google or check this list's archives?
guenther
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
