Outbound scanning checklist

Alex Neuman alex at nkpanama.com
Tue Nov 7 18:03:23 GMT 2006


Kevin Dermody wrote:
> Ugo Bellavance wrote:
>> Hi,
>>
>>     I will start filtering outbound traffic soon, and here is my 
>> checklist, to share with you guys, and if someone has something to 
>> add, I'd be glad to add it.  I'll post it on the wiki afterwards.
>>
>>
>>
>> 1- Get the list of IP addresses from which we'll receive outgoing 
>> e-mails
>>
>> 2- Allow relaying for these IP addresses
>>
>
> this is a really bad idea if you dont control the systems on those ip 
> addresses. use smtp authentication if you can.
>
This is  really bad idea, period. :D
>
>> 3- Disable DNSBL checks for theses IP addresses (if necessary)
>>
>> 4- Make sure your RDNS matches your HELO and that there is an A 
>> record that matches the RDNS, matching the IP address
>>
>> 5- Check the SPF records for domains that will be used outbound
>>
>> 6- Create ruleset as desired/needed: filetype, filenaye, spam checks 
>> (and always include SA report), content, virus
>>
>> Did I forget anything?
>>
>> Regards,
>>
>> ugo
>>



More information about the MailScanner mailing list