[Dshield] Firewall/Spam defense

Richard Roy RoyR at justicetrax.com
Thu Oct 23 03:41:52 GMT 2003


The firewall we use has a spam guard (I have not used it.) but I have a
couple of other things we do.

1) I have more than 1 Public IP, yet only one for my MX.  If an IP pokes
at port 25 on the other IP address, they are obviously not properly
sending me mail.  That means....Goodbye! I block them permanently.  9
times out of 10 it is an Asian, French, or Russian IP anyhow.  Unless
you do business with these people, block them.  If someone's email get's
blocked that is legit, you can always add exceptions to the rules, I
find blocking these areas reduces spam by at least 50% maybe more.

2) I have a public mailbox for all to use....junkmail at mydomains.ext
everyone can read what is in there.  So when they have to sign up for
something or put in a valid email...they use this one.  If things turn
legit, they can later provide their real address.  If not, then this box
is exactly what it says, junkmail.  We routinely purge the contents.
This helps too that there is no need to use a hotmail address or similar
so I can block acces to those sites.

3) I tried hard to get Linux working with postfix and spamassassin etc,
but it never worked right at all in front of my Exchange server.  Oh
well.  For now I put this on the back burner.

I know this wouldn't work everywhere, but it helps for us.

Just my $.02, I'll shut up now.

;-)

Cheers \_/


-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On
Behalf Of John D.
Sent: Wednesday, October 22, 2003 4:17 PM
To: General DShield Discussion List
Subject: Re: [Dshield] Firewall/Spam defense


<SNIP>




More information about the list mailing list