Block open connections on proxy ports? So john spammer connects to an open socks server and gets a connection to your (or another) mail server. This connection looks like socksserver:<port> -> smtpserver:25. where <port> is a not-used port on the socks server.. Blocking that port doesn't work too well. Blocking connections to proxies inside your/customers networks on the other hand is different, but unless everyone in the world goes and does this, the effect is limited, it just means spam wont 'originate' from inside your network. As long as their is one open proxy server in the world, you will still get spam in this way. Or do you mean use a relays.osirusoft.com type system to block mail from known open proxies? This would have more effect on inbound spam than the method in my second paragraph. Nathan Ward Gordon Smith wrote:
I agree with Juha.
We are seeing more and more spam hitting the mail servers that is being relayed via open socks proxies. At this rate, I think its just going to be a matter of time before we're forced to block inbound connections on proxy ports.
I've had good results with the Osirusoft RBL's - Joe combines the more commonly used ones. Be aware that you may need to whitelist some regions - keep any eye on your rejections. Spamcop seems to be fairly conservative in its listings. I'd disagree with Mike Beattie's comments - the rant on the link posted is just that, a misguided rant. I'm sure we're all aware of the additional workload created by UCE. Unfortunately, it would seem that at least one ISP (that of Mr. Felton) failed to perform due diligence.
Gordon
_______________________________________________ Nznog mailing list Nznog(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog