On Wednesday 14 July 2004 17:00, Kirk Friggstad wrote: > Hey all: > > We've recently installed a Barracuda (rack-mount "spam firewall" based on > Spam Assassin, also does virus scanning) on our network in front of our > XMail system, and pointed our MX records to deliver mail to the Barracuda > instead of directly to our server. This change was made over a month ago, > but we still find some spammers and viruses (especially W32/Zafi.B) are > delivering directly to our XMail server instead of following the MX records > to the Barracuda. The mail server is not at the same IP address as our > default @ record for the domain, but it does have A records for "mail" and > "smtp".
If you have a publicly accessable IP address on your server it will always be open to smtp traffic regardless of MX records. Does your Barracuda device also contain a stateful firewall? The easiest answer is to keep the mail server inside the firewall and block forwarding of smtp traffic (and everything else!) to internal servers. Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
