Claydon, Tom wrote: It depends on your customer base. For residential customers, filtering outbound port 25 is considered acceptable. For business customer, not so. In my case, I deal with the latter. It can be problematic, because business computers do become part of part of some spammer's botnet. That means in a given week I spend a few hours informing clients about infected machines, when I should be working on something more productive. Conversely, there are problems when clients send out spam through our legacy mail servers, particularly when those connections come through NAT'ed environments. If that NAT'ed network has hundreds of hosts behind it, it can be extremely difficult to get a client's support staff to even work on the problem, because I cannot provide them with the specific details they need to locate the problem machine (and most lack the skill or will to learn to use network analyzers like Ethereal to narrow the field within their network). Therefore, I've put together a new mail system that only allows SMTP relaying once they've been authenticated. That leads to more issues, particularly with devices like printers or outdated software which cannot properly do SMTP-Auth. But as long as the majority use SMTP-Auth, it becomes a lot easier to trace problems then now. -- Stephen Fulton | We can be quick-witted Systems Administrator | or very intelligent Toronto, Canada | but not both. http://www.esoteric.ca/ | -- Stephen Hawking.
We are considering filtering outbound SMTP traffic from our ISP customers, except from our own mail servers, to help reduce the amount of spam originating from our network. How successful/unsucessful has implementing outbound SMTP filtering done in stopping or slowing down spam from your network?
Also, if outbound SMTP filtering has not worked for you, are there any other things that you have implemented that have helped with spam traffic?
Thanks,
= TC
-- Tom Claydon, IT/ATM Network Engineer Dobson Telephone Company http://www.dobsonteleco.com