Spam prevention as security policy (was: Re: FWTK and smap/smapd)

[jseymour () LinxNet com (Jim Seymour)]

Devdas Bhagat <devdas () worldgatein net> wrote:
> Message-ID: <20020718115002.B56864 () rivendell worldgatein net>
[snip]
> (Hey, Spam is just unwanted crap at the application level, so you are on
> topic -- Application proxies do come under firewalls).

Probably meant somewhat tongue-in-cheek, but the IT Director where I
work does indeed regard spam prevention measures as part of the
corporation's security policy.  Which may not be all that far-fetched a
belief.  We've received a number of odd bounce messages telling us
about email, allegedly from one of us, that was rejected somewhere
because the remote system detected Klez.  Now being as we don't allow
anything with *any* executable attachments through the mail gateways,
I'm darn sure it didn't actually come from one of ours.  Given the
pattern of this (returns are all to role accounts published on our web
sites), I rather suspect that a spammer that scraped our sites got
infected.  Anti-spam measures at the mail gateways, plus not allowing
anything with executable attachment types (that we *know* of), helps
protect us from those users that don't know any better than to not run
such attachments and from brain-dead apps that run some stuff w/o
explicitly being told to.


Regards,
Jim
-- 
Jim Seymour                  | PGP Public Key available at:
jseymour () LinxNet com         | http://www.uk.pgp.net/pgpnet/pks-commands.html
http://jimsun.LinxNet.com    |
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards