On Thu, 25 Mar 2004 14:43:33 CST, Adi Linden said:
> Where is something like this documented and explained?
If your customer-facing routers/switches are able to generate flow statistics,
it's a Small Matter Of Programming to have something catch said data and do the
analysis. You might need some
Ray,
Take a look at IOS server load balancing. You create a virtual server
with your public IP address and bind 1 or more real servers to this
"serverfarm".
The nice thing about IOS SLB is that it is part of the IOS image in native
mode on the 65xx and the 72xx series. It runs on a couple of
Not to sound like a commercial for Cisco, but their IDS stuff does
rewrite ACL's based upon signatures.
Bil Herd
-Original Message-
From: J.D. Falk [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 25, 2004 4:30 PM
To: [EMAIL PROTECTED]
Subject: Re: Redirecting mail (Re: Throttling
On 03/25/04, [EMAIL PROTECTED] wrote:
> On the other hand, it's probably more effective to find some way of making the
> Cisco gear block outbound 25 from abusive machines.
Inbound also. The spammers have been using triangular routing
for a while.
(They dial in somep
> Forcing it through a server doesn't automagically add the ability to throttle
> abusive behavior. It's merely the obvious sledgehammer fix.
It's a means to deal with smtp traffic.
> Now consider a router that's instrumented to collect flow data, feeding a
> real-time system that throttles th
> When you get bored fighting the fire with a leaking bucket of water,
> technology exists that automates detection, redirection, posting
> information to the end users and eventually re-enabling the subscribers
> without any manual intervention. Makes days significantly less dull, but
> I mig
On Thu, 25 Mar 2004 14:45:20 EST, Deepak Jain said:
> That's why network guys set up port 587 SMTP support, or ...even
> worse... authenticated port-80 SMTP relays on an otherwise idle machine
> in your NOC. Since its not for general consumption it doesn't need to be
> easy or automatic as long
On Thu, 25 Mar 2004 13:51:13 CST, you said:
> of abusive mail. After all, it does take time to read and act upon abuse
> reports. By forcing smtp through a specific server at least some proactive
> measures are possible such as throttling abusive behaviour.
Forcing it through a server doesn't a
Adi Linden wrote:
Right now I am blocking all network access for ip addresses I receive
believeable abuse reports for. The big problem is that it is a manual
process that does not start until a PC has already sent a massive amount
of abusive mail. After all, it does take time to read and act up
> On the other hand, it's probably more effective to find some way of making the
> Cisco gear block outbound 25 from abusive machines. Transparently redirecting
> the traffic is evil unless you plan to take all responsibility for relaying the
> mail (including mail that has MAIL FROM/RCPT TO that
Everybody who's ever been a road warrior and trapped behind a hotel or ISP that
gratuitously snarfs up port 25 and then mangles your mail knows what I mean...
That's why network guys set up port 587 SMTP support, or ...even
worse... authenticated port-80 SMTP relays on an otherwise idle machine
On Thu, 25 Mar 2004 13:25:51 CST, Adi Linden <[EMAIL PROTECTED]> said:
> Is there a way do transparently redirect smtp traffic to a server
> elsewhere on the network using Cisco gear? It would be much easier to
> implement this solution if smtp traffic is transparently sent through the
> dedic
Quoting Adi Linden <[EMAIL PROTECTED]>:
>
>
> Is there a way do transparently redirect smtp traffic to a server
> elsewhere on the network using Cisco gear? It would be much easier to
> implement this solution if smtp traffic is transparently sent through the
> dedicated box rather than 'cut
Thank you for all the information. It gives me a few choices to maul over.
Right now the single largest issue are compromised PCs that are abused for
sending SPAM and also send viruses. I am seriously considering the idea of
forcing all smtp traffic through a mail relay of some sort.
The newes
14 matches
Mail list logo
