[unisog] Port 25 blocking - on the

Chris Crowley ccrowley at tulane.edu
Fri Apr 29 21:52:01 GMT 2005


In addition to some of the other mentioned strategies, we rate-limit
systems on our network sending e-mail through our SMTP server -- for
most of the network, systems are prevented from using tcp port 25 to
anywhere outside of the network.

Using a customized DCC installation, once a system has sent mail to more
than "x" recipients per hour, the system is prohibited from sending any
more e-mail.

So, if an infected or open relay system attempts to send lots of mail,
it gets stopped, and flagged as a problem.  There is a procedure in
place to request exception from the limit for internal bulk mailing.



-- 
Christopher Crowley
ccrowley at tulane.edu
(504) 314-2535
Network Administrator
Technology Services
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ccrowley.vcf
Type: text/x-vcard
Size: 158 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20050429/ab21c1de/ccrowley-0001.vcf


More information about the unisog mailing list