Re: Blocking SMT Connections by clients
- From: "Dan DeCoursey" <DanDeCoursey@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 28 Apr 2005 10:14:05 -0700
,Sorry for the confusion Phillip,
Here is what I meant: I too have had our domain/echange server (what ever
)blacklisted..........same scenario as the other fellow listed in this
thread......we figured that the internal computer generating the spam
........may have acquired some sort of problem from the user accessing their
own private email account via the web....we are also directing attention to
all other mail based infections that a you could acquire by mail that does
not get scrubbed by our" Norton For Exchange" so, to me, I just want force
all users to just be able to use their business email accounts and stop any
incomming mail that would by pass the exchange and ISA server.........
So not be be a knucklehead... is there no way of having a rule that would
not allow URL that had the word mail in it ..or is this stupid ?? Thanks for
your patience
"Phillip Windell" wrote:
> "Dan DeCoursey" <DanDeCoursey@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:63D50DDB-16D5-4D3C-92AE-B0DF810309CF@xxxxxxxxxxxxxxxx
> > Hi Phillip,
> >
> > How So ? this thread starts off by outlining the blacklisting
> > scenario....... following this thread it progresses to the blockng of
> port
> > 25 in order to varify the offending user/computer via the log
>
> Krakan is dealing with users that may be sending out spam from their local
> machines due to viruses which is causing his IP# to get blacklisted which
> just happens to also be the same IP# his mail server (Exchange on SBS) is
> using,...so his mail server is getting blacklisted for something that it is
> not even doing. However the "official" blacklists on the Internet will test
> the address for "open relaying" before black listing, so he would be ok with
> that as long as his mail server is not really an "open relay", but he could
> still have problems with individual orgranizations "spame filters".
>
> In your case users were getting infected with virus due to using outside
> "web-based" mail and you were wanting to stop them from accessing that
> web-based mail.
>
> Both situations involved users getting infected with viruses via
> email,...but nothing else is the same.
>
> In both cases AV protection is the solution. If you wanted you could also
> block all outbound port 25 as I suggested to him. That would stop the
> viruses from sending outbound, but that doesn't solve the primary problem.
> But the primary thing in your case, I thought, was to stop them from
> accessing the sites providing web-based mail,....blocking port 25 won't do
> that.
>
> --
>
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
>
.
- References:
- Blocking SMT Connections by clients
- From: krakan
- RE: Blocking SMT Connections by clients
- From: Dan DeCoursey
- Re: Blocking SMT Connections by clients
- From: Dan DeCoursey
- Blocking SMT Connections by clients
- Prev by Date: Routing between internal network and DMZ
- Next by Date: ISA 2000 and RealPlayer10
- Previous by thread: Re: Blocking SMT Connections by clients
- Next by thread: ISA Configuration Issue
- Index(es):
Relevant Pages
|
