On Tue, 2010-02-16 at 11:38 -1000, Alexandre Chapellon wrote:
> Le mardi 16 février 2010 à 20:29 +0000, Martin Gregorie a écrit :
> > > I have a quite buggy customer network, full of zombie PCs that spends
> > > all days sending spam and wasting the whole "reputation" of my
> > > networks.
> >
> > 1) Are you already using separate inbound and outbound mail servers?
>
> yes of course
> > 3) Do you require all outbound mail to go through your servers and have
> > you blocked users from sending outbound mail directly?
>
> I can't block users from sendin directly.... I am an ISP my users are
> free to use another relay than mine... eg google or yahoo or some
> mails relay of their own hosted i don't know where.
This may just be me being confused today, but -- if your users are free
to use external SMTP servers on port 25 (which, as you stated probably
is a major part or your problem, given you mentioned bots), how exactly
is your hypothetical SA bastion server supposed to filter them?
I mean, the bots won't talk to your server, just because you ask nicely.
Enforced transparent SMTP proxy for all outgoing connections to port 25?
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
