[afnog] how to block spam activity on my router cisco 2600

Mark Tinka mtinka at africaonline.co.sz
Mon Oct 17 18:21:28 EAT 2005


On Monday 17 October 2005 11:37, Paul wrote:
> Good day all,
>
> Please I need help on how to block spam activity from
> my cisco 2600 router.

Cisco routers appear to have spam signatures in 
IDS-enabled IOS's that can help capture spam, but for 
all intents and purposes, I do not think routers are 
built for this.

I would recommend looking at a solution based on a 
general-purpose OS, e.g., SpamAssassin/MailScanner on 
UNIX/Linux.

> my uplink provider has been 
> telling me of spam report coming from one of the
> ethernet interface on my router.

Is your upstream telling the truth from your perspective? 
How do they know spam is originating from your router's 
Ethernet interface? Are they familiar with your network 
topology and/or IP addressing scheme?

If you have identified your router's Ethernet interface 
as sourcing the spam, could it be clients/servers are 
using the IP address on your router's Ethernet 
interface? NAT, perhaps? Your upstream must be able to 
identify a real IP address, and not relegate the source 
to your router.

I'm curious to know why your upstream has identified your 
router as the source.

Cheers,

Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://listserv2.cfi.co.ug/mailman/private/afnog/attachments/20051017/842c123a/attachment.bin


More information about the afnog mailing list