Date: Thu, 15 Mar 2001 09:59:16 +0700 (ICT) From: Olivier Nicole <on@cs.ait.ac.th> To: freebsd-security@FreeBSD.ORG Subject: Re: Sophos and Virus return mail Message-ID: <200103150259.JAA15200@banyan.cs.ait.ac.th> In-Reply-To: <Pine.BSF.4.21.0103141119450.1452-100000@shazam.int> (message from Jim Durham on Wed, 14 Mar 2001 11:31:05 -0500 (EST)) References: <Pine.BSF.4.21.0103141119450.1452-100000@shazam.int>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I would like to add my couple of cents to the topic. Actually you should check Reply-To:, From: then the From enveloppe in that order. And in any case copy the email to one of those guys who monitor the ISP with open relay and publish list for banning. Port 25 in my opinion MUST be closed, as far as it goes for individual users. In fact it could be closed even for corporate users as one bad corporate customer could cause the whole ISP address range to be banned. A centralised email exhange point is the only efficient way for an ISP to control that their users are not doing spam. As far as relaying, is should be open from outside to inside (considering the frontier is the ISP email exchange) and from inside to outside. But not from outside to outside. To address mobile configuration, say a customer using his laptop outside the ISP domain, relay can be set-up to open from outside to outside, for a limited period of time (usially 10 minutes) provided that the laptop first does a connection with POP or IMAP. The laptop identifies as a valid user of the ISP so he is allowed to use the ISP email gateway for a while. Olivier To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103150259.JAA15200>