25 Mar
2004
25 Mar
'04
2:51 p.m.
On the other hand, it's probably more effective to find some way of making the Cisco gear block outbound 25 from abusive machines. Transparently redirecting the traffic is evil unless you plan to take all responsibility for relaying the mail (including mail that has MAIL FROM/RCPT TO that you may not wish to relay).
Right now I am blocking all network access for ip addresses I receive believeable abuse reports for. The big problem is that it is a manual process that does not start until a PC has already sent a massive amount of abusive mail. After all, it does take time to read and act upon abuse reports. By forcing smtp through a specific server at least some proactive measures are possible such as throttling abusive behaviour. Adi