Open relays and open proxies
Mike Damm
MikeD at irwinresearch.com
Thu Apr 24 20:52:40 UTC 2003
Block port 25 inbound and outbound, and setup a cluster of managed,
authenticated, secure, mail relays (both in and out) for your customers.
You're never going to get all the proxy ports, but regardless to send spam
they have to hit port 25 on the outbound.
I don't want to stir up old debates about SMTP filters on the edge, but I do
think it's a viable solution if you provide a simple to use alternative for
your userbase. (God knows I have had enough problems with sales staff
plugging laptops into foreign networks and trying to get back to our mail
boxes)
---
Michael Damm, MIS Department, Irwin Research & Development
V: 509.457.5080 x298 F: 509.577.0301 E: miked at irwinresearch.com
-----Original Message-----
From: Adi Linden [mailto:adil at adis.on.ca]
Sent: Thursday, April 24, 2003 12:11 PM
To: nanog at merit.edu
Subject: Open relays and open proxies
I am seeing an increasing number of hosts on our network become an open
proxy. So far the response to this has been reactive, once I receive
complaints from spam victims I deal with the source of the problem.
Is there an accepted way of blocking open proxy and open relay traffic at
the network edge?
Adi
More information about the NANOG
mailing list