Limiting outbound spam

One trick ISPs can use to control spam is to limit customer access to SMTP and NNTP servers. The router between your site and the Internet can be set to block access by your customers to offsite servers. This forces mail to be relayed through your mail servers, and disallows posting netnews via other site's servers. An example of how you might accomplish this with a Cisco router (assume your net is ppp.qqq.rrr.0 and your mail servers are ppp.qqq.rrr.11 and ppp.qqq.rrr.12):

interface serial0
 ip access-group 101 out

access-list 101 permit tcp host ppp.qqq.rrr.11 any eq smtp
access-list 101 permit tcp host ppp.qqq.rrr.12 any eq smtp
access-list 101 deny tcp ppp.qqq.rrr.0 0.0.0.255 any eq smtp
access-list 101 deny tcp ppp.qqq.rrr.0 0.0.0.255 any eq nntp
access-list 101 permit ip any any

Back to Tools and techniques

Scott Hazen Mueller / scott@zorch.sf-bay.org