Ruleset to lock domain to IP address
Pravin Rane
pravin.rane at gmail.com
Wed Oct 25 20:49:20 IST 2006
Use SPF :)
On 10/26/06, Glenn Steen <glenn.steen at gmail.com> wrote:
>
> On 25/10/06, James Fagan <jfagan at firstlightnetworks.com> wrote:
> >
> >
> > > We plan to introduce some premium filtering options for some domains.
> > > This will result in all incoming mail to a given domain
> > > arriving from a single known IP address. To prevent
> > > "back-dooring" we'd like to lock that in so any incoming mail
> > > to a given domain from any other IP address is rejected or
> > > dropped. Can I create a ruleset to achieve that?
> > >
> > > TIA
> > > Brian
> > > --
> >
> > We do something similar, but we have it setup at the customers
> > firewall/router
> > to only accept connects on port 25 from one of our IPs (MailScanner
> > boxes). This
> > does stop the drive-by spam. We do this for all our clients permitted
> > they have the
> > hardware to achive this. Not exactly as you want to do it, but its an
> > alternative.
> > Besides most customers don't know anything about ports and routing so
> > you could charge
> > them a maintence fee or something for comfiguring their
> > routers/firewall.
> >
> > Other than that I think you would be looking at some fancy pants
> > iptables.
> >
> > Or maybe there are other solutions?
> >
> > James
>
> This should be done at MTA level (where you have all the necessary
> info _and_ the ability to really reject mail (saving resources....).
> Might be easier with some MTAs than others though:-). Or at least as
> close a facsimile of that function as possible:).
>
> --
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
--
Regards
Pravin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20061026/1f0a4295/attachment.html
More information about the MailScanner
mailing list