> Ok, so we are passing back and forth negatives/positives of our current
> SMTP policy, and are looking for answers on what others are doing. I'm
> going to list what we have done, currently doing, and looking for
> feedback on what you do...
If I could start over I would make everyone authenticate on port 587
for SMTP. But instead we have this in our Mikrotik firewall.
/ip firewall filter
add action=jump chain=forward comment="" disabled=no jump-target=smtp
add action=add-src-to-address-list address-list=spammer
address-list-timeout=6h chain=smtp comment="" connection-limit=\
15,32 disabled=no dst-port=25 protocol=tcp tcp-flags=syn
add action=tarpit chain=smtp comment="" disabled=no dst-port=25
protocol=tcp src-address-list=spammer
Any custommer trying to do 15 or more outgoing smtp connections gets
there smtp port tarpited for 6 hours. Works pretty well.
Matt
--------------------------------------------------------------------------------
WISPA Wants You! Join today!
http://signup.wispa.org/
--------------------------------------------------------------------------------
WISPA Wireless List: wireless@wispa.org
Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/
