[afnog] how to block spam activity on my router cisco 2600
Mark Tinka
mtinka at africaonline.co.sz
Mon Oct 17 18:21:28 EAT 2005
On Monday 17 October 2005 11:37, Paul wrote:
> Good day all,
>
> Please I need help on how to block spam activity from
> my cisco 2600 router.
Cisco routers appear to have spam signatures in
IDS-enabled IOS's that can help capture spam, but for
all intents and purposes, I do not think routers are
built for this.
I would recommend looking at a solution based on a
general-purpose OS, e.g., SpamAssassin/MailScanner on
UNIX/Linux.
> my uplink provider has been
> telling me of spam report coming from one of the
> ethernet interface on my router.
Is your upstream telling the truth from your perspective?
How do they know spam is originating from your router's
Ethernet interface? Are they familiar with your network
topology and/or IP addressing scheme?
If you have identified your router's Ethernet interface
as sourcing the spam, could it be clients/servers are
using the IP address on your router's Ethernet
interface? NAT, perhaps? Your upstream must be able to
identify a real IP address, and not relegate the source
to your router.
I'm curious to know why your upstream has identified your
router as the source.
Cheers,
Mark.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 827 bytes
Desc: not available
Url : http://listserv2.cfi.co.ug/mailman/private/afnog/attachments/20051017/842c123a/attachment.bin
More information about the afnog
mailing list