sobig.f and secondary MX
Robert Fitzpatrick
robert at WEBTENT.COM
Thu Aug 21 23:07:36 IST 2003
On Thu, 2003-08-21 at 16:08, Joe Stuart wrote:
> >>> mdm at INTERNET-TOOLS.COM 08/21/03 02:49PM >>>
> >Does anybody know what sobig.f does when it can't get thru to the
> secondary MX.
>
>
> We blocked access to our secondary MX from the outside and we havent
> had a virus come in since.
>
> Joe
Same here, we had a gateway as the primary running FreeBSD/Postfix that
is the first line of defense with secondary MX's pointing to the actual
mail servers with MailScanner/Procmail running in case the gateway goes
down (never happened). We took the seondary records out yesterday and
the virus is gone. But we also applied a Sobig filter to the Postfix as
well.
We're planning to just put another Postfix gateway up as the backup and
do away with any direct MX records to the mail server since this virus.
--
Robert
More information about the MailScanner
mailing list