[Techtalk] Sendmail question #2
Conor Daly
conor.daly at oceanfree.net
Mon Mar 29 22:47:04 EST 2004
On Mon, Mar 29, 2004 at 01:47:14PM -0500 or so it is rumoured hereabouts,
Martin, Caitlyn thought:
> Hi, everyone,
>
> Here's an interesting one for you. Our mail configuration has an inbound
> sendmail server, Exchange (not my worry, thankfully), and an outbound
> sendmail server. SpamAssassin runs on the inbound server. We have been
> receiving phishing e-mails with a spoofed management@<one of our domains>
> address. My normal response would be to blacklist the address and be done
> with it. Sadly, it isn't so simple.
I know you said you've inherited sendmail but is there a possibility that
you could use exim instead? Reason I ask is SA-exim appears to be very
configurable for detecting and refusing spam at initial SMTP connection
time.
http://marc.merlins.org/linux/exim/sa.html
SA-exim works by running a series of checks at SMTP connection time to
filter out spam and viruses _before_ they even get to your systems. There
is a brief description of how it works at:
http://www.linux.ie/pipermail/ilug/2004-March/012009.html
http://www.linux.ie/pipermail/ilug/2004-March/012020.html
comments on performance at:
http://www.linux.ie/pipermail/ilug/2004-March/012082.html
and comments on sysadmin reluctance and win32 viruscheckers at:
http://www.linux.ie/pipermail/ilug/2004-March/012024.html
http://www.linux.ie/pipermail/ilug/2004-March/012104.html
The entire discussion thread is at:
http://www.linux.ie/pipermail/ilug/2004-March/thread.html#11987
Rick Moen, who proposes SA-exim, is a long-serving unix/linux sysadmin who
has been among the targets of some spammers' attacks in years gone by for
his anti-spam activities.
Conor
--
Conor Daly <conor.daly at oceanfree.net>
Domestic Sysadmin :-)
---------------------
Faenor.cod.ie
10:49pm up 158 days, 14:57, 0 users, load average: 0.03, 0.49, 0.33
Hobbiton.cod.ie
10:40pm up 7 days, 2:07, 1 user, load average: 0.37, 0.15, 0.04
More information about the Techtalk
mailing list