Orbit

pacnog

[pacnog] Spam Backskatter

by Chan J Tallon

3 Jun 2008 1:01 a.m.

Greetings All,

I'm having some issues with preventing outbound email backscatter as a result of a spam attack,

Would like to get some ideas from others out there on prevention,

Thanks,

Chan

2 2

Replies

Franck Martin

4 Jun 1:34 a.m.

Start by www.spamhaus.org

Put your IP addresses and see which one are listed. At the same time, it will give you remedies to get them unlisted. These remedies are quite good and some simple.

There are plenty useful information.

Another system is to run an IDS (Intrusion Detection System) that will report which machines on your network are behaving strangely, a little analysis and you call your customer to explain them, they are going to be quarantined till they fix the problem (whatever quarantined means). You can give them a list of companies in town that will fix their problem. You don't really want them to call your support for free, don't you?

Franck Martin ICT Specialist franck@sopac.org SOPAC, Fiji GPG Key fingerprint = 44A4 8AE4 392A 3B92 FDF9 D9C6 BE79 9E60 81D9 1320 "Toute connaissance est une reponse a une question" G.Bachelard

Chan J Tallon wrote:

...

Greetings All,

I’m having some issues with preventing outbound email backscatter as a result of a spam attack,

Would like to get some ideas from others out there on prevention,

Thanks,

Chan

pacnog mailing list pacnog@pacnog.org http://mailman.apnic.net/mailman/listinfo/pacnog

Chan J Tallon

24 Jun 8:18 a.m.

Setting up valid recipient lookup lists at the edge mx's go a long way,

Postfix with getadsmtp.pl for relay_recipient lists works really well for those of us with user bases in active directory

Modify maxpagesize policy using ntdsutil.exe to increase page size from default 1000 records when required,

For those of us not using exchange, the filters in the perl script need to be tinkered with to pull the records you need from ad.

This is only but a small portion of an entire mailserver setup, and is a hint of what I had done to solve my issue with backscatter.

Hope this helps,

Chan

_____

From: pacnog-bounces@pacnog.org [mailto:pacnog-bounces@pacnog.org] On Behalf Of Chan J Tallon Sent: Tuesday, June 03, 2008 12:01 PM To: pacnog@pacnog.org Subject: [pacnog] Spam Backskatter

Greetings All,

I'm having some issues with preventing outbound email backscatter as a result of a spam attack,

Would like to get some ideas from others out there on prevention,

Thanks,

Chan

-- Message scanned by http://www.mailscanner.info/ MailScanner.

Download
Add to favorites Remove from favorites

Activity Summary

5384 days inactive
5384 days old
pacnog@pacnog.org
2 participants
2 comments

Participants (2)

Chan J Tallon
Franck Martin