[Mimedefang] Versigin to screw things up again
Jon R. Kibler
Jon.Kibler at aset.com
Tue Feb 10 14:23:51 EST 2004
"Cormack, Ken" wrote:
>
> This will (again) break any sendmail-based defense against unresolvable
> sender domains. I have greylisting in place, and my BIND is configured with
> the latest delegation-related directives, but would it be something to
> consider, to have MIMEDefang reject a message if the domainname of the
> sender resolves to VeriSign's search site? (This would help people who dont
> do greylisting and/or dont control their DNS server's configuration.
>
> http://www.washingtonpost.com/wp-dyn/articles/A25819-2004Feb9.html
>
We simply rejected all traffic to/from SiteFinder at our border router. It was simple
and quite effective. For a Cisco router, it requires only one access-list entry per
interface.
--
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC USA
(843) 849-8214
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
More information about the MIMEDefang
mailing list