Subject: | |
From: | |
Reply To: | |
Date: | Sat, 31 Jan 2004 01:27:02 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On Wed, 28 Jan 2004 11:20:52 EST, Paul Russell <[log in to unmask]> said:
> You can eliminate the problem by introducing email virus protection into your
> mail/list server environment. The Windows and Linux versions of LISTSERV 1.8e
> are designed to work with an anti-virus product from F-Secure. If this is not
> a viable option, you can put the LISTSERV server behind an external A/V server,
> or a mail server with A/V protection. At Notre Dame, we run McAfee A/V software
> on our central mail servers, which act as MX hosts for our LISTSERV server.
And make sure that your Listserv box is *really* "behind" the A/V software.
I just finished getting burnt (to the tune of at least 2.6 million RCPT TO
on one list alone - 50K+ subscribers, and 45 or so things that made it
through before our A/V got a pattern) pretty bad by this. (And yes, the
list was send=owner. Guess what spoofed From: we got by sheer bad luck. ;)
Discovered that although the MX for our Listserv box pointed at our 4
Mirapoint front-ends, that we'd still blindly accept unscanned mail from
machines that ignored the MX and connected directly to the IP address and
port 25. Whoops. ;) The borked firewalling ruleset has been fixed.
|
|
|