Re: Effective Use of Gateway
This is a discussion on Re: Effective Use of Gateway within the mailing.postfix.users forums, part of the Mail Servers and Related category; ----- Original Message Follows ----- Date: Tue, 15 Jun 2004 09:58:15 -0700 > > Kevin W. Gagel wrote: > >&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-15-2004
|
|||
|
|||
Re: Effective Use of Gateway
----- Original Message Follows -----
Date: Tue, 15 Jun 2004 09:58:15 -0700 > > Kevin W. Gagel wrote: > >>I have a Postfix gateway setup to filter virus and SPAM before my > >>Exchange box. I'm finding that some mail seem to slipped through the > >>gateway. Those mail should be detected by the gateway. Though I can the > >>MX record for the Exchange box to the gateway. How are the mail be > >>possibly reach my Exchange box without going through the gateway? Some > >>cached entries of my old MX records? > > > > I used to have that problem. I found that my network was being scanned and > > shortly afterwards my internal mail server would get mail sent to it > directly. > > I have a firewall before my internal mail server. How do they scan my > network? Most of the mail slipped through are new virus. These people > probably have no clue that they are sending virus. So I think they won't > know how to scan my network. > > > Changing the configuration of your internal mail server to stop recieving > > mail from external machines will resolve that for you. Alternativly you > > could use a firewall and allow smtp traffic to only your gateway. > > Thanks for the good tip. I will try that. Are there any side effects > from this? > > Regards, > Norman Well then... If your getting viruses sent to the internal mail server they are coming from inside your network. All you can do there is find out what machines are sending them and clean them up. OR your firewall is configured to allow smtp traffic to/from more than your gateway. If you have a firewall in place, then they should not be capable of scanning your internal network. Unless your firewall is not configured correctly or has left port 25 open for all traffic. You'll need to investigate that. Ours is set to allow only smtp (port 25)traffic through to my gateway and from my gateway. ALL other smtp traffic is dropped. This has the side effect of causing all spyware/virus infested machines that are being used for sending spam to be useless for that purpose. ALL machines in the network must use my internal mail server to send mail. The side effects are good or bad depending on what YOU want to accomplish. I have the luxury of stipulating that my users will use my mail server only and that they cannot send mail through it from an outside ip address. This stops abuse of my mail server. Most ISP's don't have that luxury... So if your an ISP and your customers want to be on any network and send mail through your mail server this step would be bad if you want them to do that. On the other hand if your in the same posisition as me you can dictate this and rest assured you will not ge black listed (as we did) because of a spambot somewhere on your network sending spam. ==================== Kevin W. Gagel Network Administrator (250) 561-5848 local 448 (250) 562-2131 local 448 -------------------------------------------------------------- The College of New Caledonia, Visit us at http://www.cnc.bc.ca Virus scanning is done on all incoming and outgoing email. -------------------------------------------------------------- 
|
Linear Mode
