|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: NoSpam! 2.07 & InfoSec Resources
Darren Reed (darrenr
cyber.com.au)
Fri, 7 Nov 1997 16:34:50 +1100 (EST)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Aftab Mir: "No Subject"
- Previous message: Magossa'nyi A'rpa'd: "Re: IP transparent proxies (source)."
- In reply to: Steve Kann: "IP transparent proxies (source)."
- Next in thread: Jyri Kaljundi: "Re: NoSpam! 2.07 & InfoSec Resources"
- Reply: Jyri Kaljundi: "Re: NoSpam! 2.07 & InfoSec Resources"
In some mail I received from Jason R. Rhoads, sie wrote
>
> [To be removed from this list send the message "unsubscribe fwtk-users" in the
> BODY of a mail message to > BODY of a mail message to majordomoex.tis.com.]
>
> Version 2.07 of NoSpam! is now available:
>
> http://www.sabernet.net/products
>
>
> What is it? NoSpam! is an patch for smap, the sendmail wrapper client
> included in the TIS Firewall Toolkit. The patch provides a mechanism
> to stop spam from being delivered to users at your site.
What concerns me most, with smap, is preventing the site from being
used as a relay. I'm aware of sendmail bits to stop relaying, but,
do they work in conjunction with smap ?
I've looked at http://www.cih.com/~hagan/smap-hacks/ but I'm not sure
what's there does what I want.
My scenario at present is:
Internet-----[X]Firewall[Z]----Company_A
[Y]
|
Company_B,Company_C
At the moment, I'm borderline hacking smap to do the following, when
receiving email:
smap: local-addr [X] permit to company_A from *
smap: local-addr [X] permit to company_B from *
smap: local-addr [X] permit to company_C from *
smap: local-addr [Y] permit to * from company_B
smap: local-addr [Y] permit to * from company_C
smap: local-addr [Z] permit to * from company_A
and deny everything else (with each line being a complete rule). Is there
already a patch to do this ? What's important here is the association with
the interfaces. Although this is to primarily defend against spam, I'm not
eager to use spam keywords and narrow its perceived usage.
Also, how are anti-spam patches for smap currently dealing with addresses
such as:
joe%foo.bar%bar.bazcompany.com
?
Darren
- Next message: Aftab Mir: "No Subject"
- Previous message: Magossa'nyi A'rpa'd: "Re: IP transparent proxies (source)."
- In reply to: Steve Kann: "IP transparent proxies (source)."
- Next in thread: Jyri Kaljundi: "Re: NoSpam! 2.07 & InfoSec Resources"
- Reply: Jyri Kaljundi: "Re: NoSpam! 2.07 & InfoSec Resources"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:09:48 CDT