Proxy scanning for spam
Hello, If I have a network segment connected to a BGP peer, is there a way that I can hang a box of some kind off of that segment that will sniff out and block malicious/spam email before it hits the customers? Regards, Christopher J. Wolff VP CIO Broadband Laboratories, Inc. http://www.bblabs.com
On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Hello,
If I have a network segment connected to a BGP peer, is there a way that I can hang a box of some kind off of that segment that will sniff out and block malicious/spam email before it hits the customers?
Do you mean a host that can have all tcp/25 routed to it, transparently pick-up/scan/re-deliver emails for your customers? or did you mean something you could add to your customer relay boxes? (or your MX hosts that customers use) Or thirdly, something to protect the internet from your users?
Christopher, I meant option #1. -----Original Message----- From: Christopher L. Morrow [mailto:christopher.morrow@mci.com] Sent: Monday, July 05, 2004 10:36 PM To: Christopher J. Wolff Cc: nanog@merit.edu Subject: Re: Proxy scanning for spam On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Hello,
If I have a network segment connected to a BGP peer, is there a way that I can hang a box of some kind off of that segment that will sniff out and block malicious/spam email before it hits the customers?
Do you mean a host that can have all tcp/25 routed to it, transparently pick-up/scan/re-deliver emails for your customers? or did you mean something you could add to your customer relay boxes? (or your MX hosts that customers use) Or thirdly, something to protect the internet from your users?
On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Christopher,
I meant option #1.
a quickie google shows: http://assp.sourceforge.net/ which looks promising... additionally: http://www.ironport.com/ Though, why not just use brightmail/messagelabs if it's to MX's you can control? Offer this as a 'service' to your customers for $X/seat/month?
On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Hello,
If I have a network segment connected to a BGP peer, is there a way that I can hang a box of some kind off of that segment that will sniff out and block malicious/spam email before it hits the customers?
Do you mean a host that can have all tcp/25 routed to it, transparently pick-up/scan/re-deliver emails for your customers? or did you mean something you could add to your customer relay boxes? (or your MX hosts that customers use) Or thirdly, something to protect the internet from your users?
These are both interesting options. Thank you. -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Christopher L. Morrow Sent: Monday, July 05, 2004 11:02 PM To: Christopher J. Wolff Cc: nanog@merit.edu Subject: RE: Proxy scanning for spam On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Christopher,
I meant option #1.
a quickie google shows: http://assp.sourceforge.net/ which looks promising... additionally: http://www.ironport.com/ Though, why not just use brightmail/messagelabs if it's to MX's you can control? Offer this as a 'service' to your customers for $X/seat/month?
On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Hello,
If I have a network segment connected to a BGP peer, is there a way that
I
can hang a box of some kind off of that segment that will sniff out and block malicious/spam email before it hits the customers?
Do you mean a host that can have all tcp/25 routed to it, transparently pick-up/scan/re-deliver emails for your customers? or did you mean something you could add to your customer relay boxes? (or your MX hosts that customers use) Or thirdly, something to protect the internet from your users?
On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Hello,
If I have a network segment connected to a BGP peer, is there a way that I can hang a box of some kind off of that segment that will sniff out and block malicious/spam email before it hits the customers?
policy route your port 25 at an adjacent box.. use some sort of iptables rules to translate the ip address of the box and that will work also. Steve
On Tue 06 Jul 2004 (11:08 +0100), Stephen J. Wilcox wrote:
On Mon, 5 Jul 2004, Christopher J. Wolff wrote:
Hello,
If I have a network segment connected to a BGP peer, is there a way that I can hang a box of some kind off of that segment that will sniff out and block malicious/spam email before it hits the customers?
policy route your port 25 at an adjacent box.. use some sort of iptables rules to translate the ip address of the box and that will work also.
make sure no-one is running a mailserver that expects to do TLS authentication or similar. -- Jim Segrave jes@nl.demon.net
participants (4)
-
Christopher J. Wolff -
Christopher L. Morrow -
Jim Segrave -
Stephen J. Wilcox