[afnog] how to block spam activity on my router cisco 2600
Mikisa Richard
rmikisa at bushnet.net
Tue Oct 18 12:37:04 EAT 2005
Mark Tinka wrote
>Is your upstream telling the truth from your perspective?
>How do they know spam is originating from your router's
>Ethernet interface? Are they familiar with your network
>topology and/or IP addressing scheme?
>
>If you have identified your router's Ethernet interface
>as sourcing the spam, could it be clients/servers are
>using the IP address on your router's Ethernet
>interface? NAT, perhaps? Your upstream must be able to
>identify a real IP address, and not relegate the source
>to your router.
>
>I'm curious to know why your upstream has identified your
>router as the source.
>
>Cheers,
>
>Mark.
>
I have received a couple of those warning myself, turns out they
actually do belong to some natted clients of mine who have been hit by
some massive mailers. Since most of us use NAT, all the upstream
provider can do is point the culprit to your block.I would do what the
others have said - point all SMTP traffic to one server, and perform
spam/Virus filtering on it.
cheers
Richard
More information about the afnog
mailing list