New? behavior og rbl's
Alex Broens
ms-list at alexb.ch
Thu Sep 22 17:16:19 IST 2011
On 2011-09-22 18:02, Scott Silva wrote:
> on 9/22/2011 7:40 AM Jonas spake the following:
>> Hmm ok maybe I was a sleep the past year or so but when did the below
>> become normal policy???
>>
>> Basically the conclusion is if you have a pc infected with a virus
>> that's not email related and or at least is unable to send out spam
>> because of firewall blocks or similar, you are still blocked in a
>> spamfilter for having the same WAN ip?
>>
>> Not only have I not seen this before but it seems like a huge jump in
>> what a normal SMTP RBL list is supposed to do...
>>
>> Anybody else have any thought on the matter?
>>
>> Med venlig hilsen / Best regards
>>
> All the RBL's have is the public facing address that the crap goes out
> on... One bad apple does spoil the whole bunch...
>
Which translated means:
- put your MTAs on dedicated IP/s and do not share with gateway.
- setup log watching/alerts
- If you're corporate/Exchange don't allow OWA without being VPN'd or at
least use a non standard port.
- block port 25 outbound for all behind the gateway which is not an MTA
(your MTA is on dedicated IP)
- use outbound rating to minimize possible blasts.
Alex
More information about the MailScanner
mailing list