How do you stop outgoing spam?

• Previous message (by thread): How do you stop outgoing spam?
• Next message (by thread): How do you stop outgoing spam?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rafi Sadowsky wrote:
>  Maybe I'm missing something obvious but do how you get rate-limiting per
> TCP *flow* with Cisco IOS ?

There is something called flow-based RED (FRED) but it consumes a whole 
lot of memory because you have to keep track of lots more state.  I 
don't know about that code.  At the least what you can do is use the 
rate-limit command and rate limit *all* outbound TCP/80 traffic (or for 
that matter all access-list captured traffic).  Now, doing so will make 
any but the most trivial outbound TCP/80 absolutely painful, and will 
cause tail drop.  See Cathy Wittbrodt's work in this space, which was 
presented at NANOG some time ago.

Note, I'm not saying you should *do* this.  It may be going a bit too 
far for anti-spam.

Eliot

• Previous message (by thread): How do you stop outgoing spam?
• Next message (by thread): How do you stop outgoing spam?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]