Educause Security Discussion mailing list archives
Re: Blacklisting and Tar-pitting
From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Fri, 8 Aug 2008 15:54:41 -0500
We do 2 things: 1) We separate the flow of our mail so that forwarded email comes from different IP addresses than our authenticated submissions. This way, an external site could only rate limit our forwarded mail, not our "important" outbound traffic. We encourage our users to stop forwarding if they complain about their forwarded mail not being delivered in a timely fashion. 2) If a domain starts rate limiting our forwarded mail, then we will discard messages destined for those domains that we have rated as spam. There is a risk of losing some legitimate messages, but we let the users know this when they set up the forward. We only do this for around 10 domains (yahoo, gmail, etc) so far. Another couple of points: - only around 10% of our users choose to forward off campus - we don't relay mail for unauthenticated campus hosts Jesse UW-Madison Jay Graham wrote:
Folks, Here at the University of Pittsburgh, we allow our users to forward their official University email address <username () pitt edu> either on campus to a departmental e-mail server or off campus to another provider. We have been dealing with the external providers Blacklisting us for some time, but recently it seems to have become chronic and we are Blacklisted now more than we are not Blacklisted. We put measures in place for SPAM filtering and have really cracked down on security so that compromised workstations are not spewing spam. I know there are several things we can do about this. Some are radical like not allowing forwarding of email off campus and others are less radical like trying to white list us with the major providers or implement domain keys or SPF. I am wondering what other Universities that allow forwarding are doing to combat the blacklisting problem. Is this something obvious we are missing or is this a real problem that everyone is facing? Jay Graham University of Pittsburgh jwg () pitt edu ================
-- Jesse Thompson Email/IM: jesse.thompson () doit wisc edu
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Blacklisting and Tar-pitting Jay Graham (Aug 06)
- <Possible follow-ups>
- Re: Blacklisting and Tar-pitting Michael Young (Aug 06)
- Re: Blacklisting and Tar-pitting Jason C.Belford (Aug 06)
- Re: Blacklisting and Tar-pitting Roger Safian (Aug 06)
- Re: Blacklisting and Tar-pitting Patrick P Murphy (Aug 06)
- Re: Blacklisting and Tar-pitting Jesse Thompson (Aug 08)