Real Time Ascend Mailing List Archive
Re: (ASCEND) Max/TNT/APX 8000 Ascend-Data-Filter [to prevent SPAM SMTP servers]
>From: Alan Spicer <aspicer@ifxcorp.com>
>
>* Is anyone using Radius Profile Settings "Ascend-Data-Filter" to prevent the
>now common SPAM user from running their own SMTP Server, either Linux/Windows
>NT or otherwise sending direct SMTP to destination servers?
We're doing this with a TNT with locally-defined filters being
applied to RADIUS profiles. It should make no difference if you
define the filter in RADIUS too.
>For example, for a particular site we'd need to allow SMTP connections to the
>normal MAIL SERVER (or sometimes 2 or 3 servers) that we provide for
>our users.
>But we would want to block sending SMTP to any servers other than that.
This is a _very_ good idea.
>It seems that we can block by destination ip and port, and also 0.0.0.0
>destination would cover all.
>
>What I don't understand is if it is possible, and if so, how to order such
>filter rules to allow one or a few servers ... and block all others? Or will
>the CATCH-ALL 0.0.0.0 rule flush the others and block all packets to
>that port?
The basic idea for the filter is:
1. Allow SMTP to your servers. Use one rule per server.
2. Disallow SMTP anywhere else.
3. Allow everything else.
That's all there is to it.
>(is there such a thing as an "allow out quick" like in IP Firewall that would
>allow the connections to the authorized servers to skip any remaining rules,
>but the rest of the server ip's not authorized would be caught by
>the 0.0.0.0?)
Every packet is compared against each filter rule. When a packet
matches a rule, the appropriate action is taken and no further rules
are examined for that packet.
--
Peter Lalor Infoasis
plalor@infoasis.com http://www.infoasis.com/
"Where's my burrito?" -- Homer
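
The rule ordering described in the reply above, as an added example that is not part of the original thread: a small Python model of first-match filtering (not Ascend filter syntax) showing why the per-server allow rules must come before the catch-all SMTP block. The addresses are constructed, and dropping a packet that matches no rule is an assumption of the model.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

SMTP_PORT = 25
MAIL_SERVERS = ["192.0.2.10", "192.0.2.11"]  # constructed addresses


@dataclass(frozen=True)
class Rule:
    action: str                     # "forward" or "drop"
    dst_net: str = "0.0.0.0/0"      # 0.0.0.0/0 matches any destination
    proto: Optional[str] = None     # None matches any protocol
    dst_port: Optional[int] = None  # None matches any port

    def matches(self, dst_ip, proto, dst_port):
        if ipaddress.ip_address(dst_ip) not in ipaddress.ip_network(self.dst_net):
            return False
        if self.proto is not None and self.proto != proto:
            return False
        return self.dst_port is None or self.dst_port == dst_port


def evaluate(rules, dst_ip, proto, dst_port):
    """First matching rule decides; later rules are not examined."""
    for rule in rules:
        if rule.matches(dst_ip, proto, dst_port):
            return rule.action
    return "drop"  # assumption of this model: no match means drop


# Steps 1-3 from the reply, in order.
CORRECT = (
    [Rule("forward", ip + "/32", "tcp", SMTP_PORT) for ip in MAIL_SERVERS]
    + [Rule("drop", "0.0.0.0/0", "tcp", SMTP_PORT)]
    + [Rule("forward")]
)
# Same rules with the catch-all SMTP block moved to the top.
MISORDERED = [CORRECT[2]] + CORRECT[:2] + [CORRECT[3]]


def verdicts(rules):
    packets = [
        ("192.0.2.10", "tcp", 25),    # SMTP to the provider's mail server
        ("198.51.100.7", "tcp", 25),  # direct SMTP to an outside server
        ("198.51.100.7", "tcp", 80),  # unrelated traffic
    ]
    return [evaluate(rules, *p) for p in packets]
```

With the catch-all first, SMTP to the provider's own mail servers is dropped as well, because the allow rules are never reached.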