Educause Security Discussion mailing list archives

Re: Outbound SMTP

From: "Jason S. Cash" <cash () UDEL EDU>
Date: Fri, 25 Apr 2008 14:22:09 -0400

On Fri, 25 Apr 2008, Jenkins, Matthew wrote:

Well, I have not received a single response saying "we allow outbound
smtp."  I appreciate the feedback from everyone.


 We (udel.edu) allow limited outbound smtp.  If your host passes certain
thresholds we automatically block the traffic and manually determine if we
have a legitimate email server or an infested machine.  Legitimate servers
get a free pass.

 This has worked pretty well for us so far.  If only we could detect
passwd phishing scams with netflow/jflow...

Jason


/*   Jason Cash  IT/Network and Systems Services
       University of Delaware, Newark Delaware
         e:cash () udel edu  v: 302-831-0461           */

Current thread:

Re: Outbound SMTP, (continued)
- Re: Outbound SMTP Deke Kassabian (Apr 25)
- Re: Outbound SMTP David Lundy (Apr 25)
- Re: Outbound SMTP Jenkins, Matthew (Apr 25)
- Re: Outbound SMTP Roger Safian (Apr 25)
- Re: Outbound SMTP ken lindahl (Apr 25)
- Re: Outbound SMTP Don Nightingale (Apr 25)
- Re: Outbound SMTP Michael Van Norman (Apr 25)
- Re: Outbound SMTP Michael Sinatra (Apr 25)
- Re: Outbound SMTP Joel Rosenblatt (Apr 25)
- Re: Outbound SMTP Basgen, Brian (Apr 25)
- Re: Outbound SMTP Jason S. Cash (Apr 25)
- Re: Outbound SMTP Michael Sinatra (Apr 25)
- Re: Outbound SMTP Michael Sinatra (Apr 25)
- Re: Outbound SMTP Joe St Sauver (Apr 25)
- Re: Outbound SMTP Scholz, Greg (Apr 25)
- Re: Outbound SMTP Halliday,Paul (Apr 25)
- Re: Outbound SMTP John Kristoff (Apr 28)
- Re: Outbound SMTP Tim Cantin (Apr 28)
- Re: Outbound SMTP Mike Porter (Apr 28)
- Re: Outbound SMTP Valdis Kletnieks (May 05)