Solved

Preventing mail delivery from direct SMTP connection without a mail server.

Posted on 2006-07-13
10
186 Views
Last Modified: 2012-08-14
I'm using MDaemon 8 and more then 80% of my email bandwidth is used from spammers, 50/60% of this comes directly from dial-up/cable/dsl users without using their ISP mail servers. All I want is to return a 550 code and close these connections before receiving the message itself, hence preventing lots of bandwidth waste with junk mail. With MDaemon it’s not really difficult to setup a rule to delete these messages, but only after the message has already been received. How to do this while receiving the headers, before the actual data?
Thanks.
0
Comment
Question by:gorcutt
10 Comments
 
LVL 29

Expert Comment

by:mass2612
ID: 17105299
Hi,

Sorry I don't know MDaemon but maybe this article will point you in the right direction - http://www.altn.com/support/Knowledge_Base_Article.asp?product_id=MDaemon&txtKeywords=security&txtNumber=&Number=KBA-01452
0
 
LVL 9

Expert Comment

by:Exchgen
ID: 17123684
Move to Exchange and i guess we would be in a better position to help you with Exchange as an email application.

Raghu
0
 

Author Comment

by:gorcutt
ID: 17123997
Thanks for trying mass2612, but those tips on the MDaemon knowledge base don’t actually answer my question. I need a way to prevent certain hosts to connect based on their name, something like denying the connection coming from *.dsl.domain.com. I can deny access to specific IP addresses but if I use this solution this could be a large range of addresses, not very practical though.

Hey Raghu, how do I move this topic to another place?
Thanks.
0
 
LVL 31

Expert Comment

by:rid
ID: 17131793
If the SPAM in question is directed to your users, you may ned to find a way to block certain senders, but if the messages are for external parties, or nonexistent users with your domain, it's a matter of denying relay directly and not bother with catching the message and perhaps even sending an NDR...

Moving to Exchange will not in itself cure this - the problem is there is just the same shape and you will need add-on software to filter out the unwanted messages... And it's a costly solution...
/RID
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:gorcutt
ID: 17132171
My mail server is closed to relay.
MDaemon has several security features, Bayesian spam filter etc,  and a very rich rules engine, that works AFTER the mail has arrived completely. I want to prevent all this bandwidth use for spam checking the connection during the initial handshake.
My problem has to do, as I stated in my original question, on how to close the connection coming from workstations and not from e-mail servers. Most spam received and processed from my e-mail server comes from hosts like SOMEREVERSEIP.DSL.DOMAIN.COM or a similar name to dialup users. Home users address from most ISPs usually looks like this. I can prevent connection using IP addresses but the list would be very long, impossible to be implemented. All I need is to check the reverse name during connection and drop that connection if the name matches a pattern.
Thanks.
0
 
LVL 31

Expert Comment

by:rid
ID: 17132525
That's a sound idea... reverse DNS lookup; that'd stop all these senders (you can't really discern a "workstation" from a mail server, they may be running the same kind of software). Exchange can't do this, I'm told, but I'm quite convinced MDaemon can, seem to have lost the link about that though.
/RID
0
 
LVL 31

Accepted Solution

by:
rid earned 125 total points
ID: 17132552
Perhaps some interesting reading:
http://www.altn.com/press/press_release.asp?ReleaseID=50
/RID
0
 

Author Comment

by:gorcutt
ID: 17560080
Hey Venabili,
Sorry, unfortunatelly I didn't have my question answered the way I was expecting, probably because what I've asked is not possible... Any way I moved on into another subject and forgot to close this one. I'm accepting the last reply from Rid, as he was the most active replier on this thread and this reply was the closer to what I've asked.

Hey Rid,
Sorry for not replying you before and not crediting the point in your account.
Thanks a lot for trying!
Cheers.
0
 
LVL 31

Expert Comment

by:rid
ID: 17560222
Thanks for the points and I hope you find a useful solution to your problem.
/RID
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

If you are anything like me, you install many apps on your phone and have your life on it, sometimes literally.  When I bought my current phone, a Samsung Galaxy S5 from Verizon, they were only selling the versions with 16 GB internal.  I didn't rea…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
The purpose of this video is to demonstrate how to set up an account with Mailchimp. This will be demonstrated using a Windows 8 PC. Tools Used are: Mailchimp.com Go to Mailchimp.com : Enter an Email, Username, and Password. Click Create My Acco…
The purpose of this video is to demonstrate how to set up Lists in Mailchimp. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchimp account. : Click on Lists. Click on Create List Button : Choose the desi…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now