[unisog] AOL rejects forwarding?

Chris Crowley ccrowley at tulane.edu
Wed Nov 3 16:04:42 GMT 2004

> Blocking outbound port 25 eliminates direct-to-MX spam and virus traffic,
> and mandatory SMTP authentication eliminates relay spam from compromised
> internal systems. Sooner or later, we will have to deal with trojans which
> either use MAPI calls to retrieve stored usernames and passwords for SMTP
> authentication, or pop a dialogue box and ask for a userid and password.

The Tulane network rate limits outbound email through the mail server. 
Could a human being send 2,000 messages in an hour?

We use DCC to enforce this.  The setup was a little tricky because this 
is not exactly what DCC is designed for.  But, a system which exceeds 
the limit is prohibited from sending any e-mail for a day.  Exceptions 
are granted for individuals who send many messages lists for legitimate 
e-mail campaigns. This also helps to identify infected systems, since 
the infractions are logged and easily identified.

Christopher Crowley
ccrowley at tulane.edu
(504) 314-2535
Network Administrator
Technology Services
Tulane University
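
The policy described in this message, sketched as an added example (not part of the original post, and not DCC configuration or code): a per-source sliding one-hour counter that blocks a sender for a day once it exceeds the limit and logs the infraction. The class and function names, the 2,000-per-hour threshold (taken from the question in the post), and the 192.0.2.x addresses are assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

class OutboundLimiter:
    """Hypothetical limiter: over `limit` messages per `window` => blocked for `penalty`."""
    def __init__(self, limit=2000, window=timedelta(hours=1),
                 penalty=timedelta(days=1), exempt=()):
        self.limit, self.window, self.penalty = limit, window, penalty
        self.exempt = set(exempt)          # approved senders of legitimate bulk mail
        self.recent = defaultdict(deque)   # source -> send times inside the window
        self.blocked_until = {}            # source -> time the penalty ends
        self.infractions = []              # (time, source): the log used to spot infected hosts

    def allow(self, source, when):
        """Return True if a message from `source` at time `when` may be relayed."""
        if source in self.exempt:
            return True
        until = self.blocked_until.get(source)
        if until is not None:
            if when < until:
                return False               # still serving the one-day penalty
            del self.blocked_until[source]
        sent = self.recent[source]
        while sent and when - sent[0] >= self.window:
            sent.popleft()                 # drop sends older than the window
        sent.append(when)
        if len(sent) > self.limit:
            self.blocked_until[source] = when + self.penalty
            self.infractions.append((when, source))
            sent.clear()
            return False
        return True

def constructed_events():
    """Constructed sample traffic: one host at 1 msg/sec, one ordinary user."""
    t0 = datetime(2004, 11, 3, 12, 0, 0)
    noisy = [(t0 + timedelta(seconds=i), "192.0.2.5") for i in range(2500)]
    quiet = [(t0 + timedelta(minutes=i), "192.0.2.9") for i in range(10)]
    return sorted(noisy + quiet)

def replay(events, **kwargs):
    """Feed (timestamp, source) events through a fresh limiter."""
    limiter = OutboundLimiter(**kwargs)
    decisions = [(ts, src, limiter.allow(src, ts)) for ts, src in events]
    return limiter, decisions

if __name__ == "__main__":
    limiter, _ = replay(constructed_events())
    for when, source in limiter.infractions:
        print(f"{when.isoformat()} {source} exceeded limit; blocked for 1 day")
```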