On 16/01/02 13:24 +0530, Prathabacimman.M wrote: > Hi, > > Try configuring your mail server for relay blocking such as > authentication/ip address restriction. But this way it will your home server > users to send a spam. The best way is to block at the Firewall level like > exceeding the counts set will be blocked. There are multiple ways to block spam. First, start off by blocking open relays: http://www.orbz.org http://www.ordb.org
Then use a blocklist like spews, or osirusoft in addition. Require a valid domain for incoming mail. Use an access.db file to catch newer spamming domains. This should catch most of your spam. Follow up by using procmail/sieve scripts to catch the rest of your spam. If you use an MTA like postfix, you could also catch spam by its contents (headers/body) See http://mrbill.net/postfix/ > Ex: If 500 is the count, the To addresses exceeding the limit of 500 will be > blocked. You do this at the MTA level, not the firewall level. Application based firewalling is required (filtering at layer 7 on content, not at layer 2/3). Do not use older versions of the Pix firewall to proxy your SMTP. They are broken. I suggest using a two layered MX setup. Layer 1: Postfix doing filtering via orbz,ordb and spews, in addition to details like requiring a FQDN for the helo. This should reduce the volume of incoming mail considerably. Layer 2: Your favorite MTA filtering on the smaller amount of spam that comes through till here based on header and body checks. This MTA may also check for viruses. Then deliver to the mailbox of the user. Make sure your MTAs relay only for your network(s). There is enough documentation for the major MTAs on how to accomplish this. You can track spammers in NANAE mostly. Devdas Bhagat _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
