Re: Effective Use of Gateway

On Tue, 15 Jun 2004 11:04:49 -0700
Norman Zhang <norman.zhang@rd.arkonnetworks.com> wrote:


> > Well then...
> > If your getting viruses sent to the internal mail server they are
> > coming from inside your network. All you can do there is find out
> > what machines are sending them and clean them up. OR your firewall
> > is configured to allow smtp traffic to/from more than your gateway.
>
> It is very unlikely that my internal hosts are infected with virus. My
>
> internal hosts have updated definition with scheduled scan every week.
>

It is possible to catch a virus even if your definitions are updated
daily. A lot depends on the timing of the vendor's updates.

> > The side effects are good or bad depending on what YOU want to
> > accomplish. I have the luxury of stipulating that my users will use
> > my mail server only and that they cannot send mail through it from
> > an outside ip address. This stops abuse of my mail server. Most
> > ISP's don't have that luxury... So if your an ISP and your customers
> > want to be on any network and send mail through your mail server
> > this step would be bad if you want them to do that. On the other
> > hand if your in the same posisition as me you can dictate this and
> > rest assured you will not ge black listed (as we did) because of a
> > spambot somewhere on your network sending spam.
>
> I have setup VPN (MS Exchange protocols) for remote users to my
> internal box. So does that mean I can't drop SMTP traffic except from
> the gateway from outside to my internal mail server? Also would this
> affect SMTP_AUTH for remote users?
>


Does all of the mail for those VPN users come though you ?

It's worth noting that there are other routes for malware to reach
client machines.