Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Filtering outgoing email

From: Todd Clementz <clementz.7 () OSU EDU>
Date: Wed, 24 Jun 2009 11:57:44 -0400
Has anyone on the list had any experience with Djakota, specifically in the
realm of security concerns.  We are looking at it for a possible solution as
an image server.  Any thoughts are appreciated

Thanks,

Todd Clementz
Systems Engineer
Knowlton School of Architecture
The Ohio State University
614.292.8544


"Integrity is shown when no one is looking."


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jesse Thompson
Sent: Wednesday, June 24, 2009 11:29 Hello Todd
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Filtering outgoing email

Kellogg, Brian D. wrote:

We've been the victim of a phishing scam that made it through our
incoming spam filter.  The phisher used the compromised accounts to send
spam via Outlook Web Access.  Just wondering what inexpensive/reliable
methods others are using to filter outbound email and catch any accounts
showing a huge volume of outbound spam.  Thanks...


I wrote up these instructions on how to rate limit outbound spam using
Sun Messaging Server.

http://wikis.sun.com/display/CommSuite/Protecting+Against+Spammers+who+Compr
omise+Messaging+Server+User+Accounts#ProtectingAgainstSpammerswhoCompromiseM
essagingServerUserAccounts-RateLimitingOnlyOutgoingSpam

The idea is that you assume that there will be false positives, so you
can't reject all outbound spam; and you assume that you will have users
sending out legitimate mass mailings, so you can't rate limit all
outbound mail.  The solution: rate limit only the outbound spam.

Jesse

--
   Jesse Thompson
   Division of Information Technology, University of Wisconsin-Madison
   Email/IM: jesse.thompson () doit wisc edu
Previous By Date Next
Previous By Thread Next

Current thread: