07-24-2007 02:51 PM
How do you handle outbound spam?
Most ISPs can't afford to just let outbound email go completely unfiltered for fear of being blacklisted.
It has been suggested that many ISPs do not perform outbound spam filtering.
What do you do?
07-25-2007 08:01 PM
None of those options cover what we do. We require SMTP authentication to send mail through our mail servers (and TLS to protect the passwords, of course), which has so far proven effective at stopping any bots from sending spam through our servers. We don't do outbound port 25 blocking, so direct-to-victim spambots could conceivably do some damage. But we have a good security group who spot and quarantine compromised systems very quickly.
Since we're a university rather than an ISP, our only "customers" are students, faculty, and staff. Therefore we don't often have users who go rogue and start spamming. Those who do get caught pretty quickly.
Our biggest blacklisting problem has been from AOLusers who click the "this is spam" button on legitimate mail that happens to come from or through us.
07-26-2007 11:37 AM
we just block port 25 with a firewall rule. It used to be fairly effective for identifying SMTP worms (as they'd light up the ACL rejections) but these days it's pretty quiet - mostly people who have VPN'ed in and left their email system running.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide