DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st January 2010
Simon Simon is offline
Port Guard
 
Join Date: Jan 2010
Posts: 30
Thanked 0 Times in 0 Posts
Question filter spams

Hello,

I ve a client with :
3 workstations (xp/Outlook 2007), have mails using smtp.orange.fr
and pop3 : pop.orange.fr ; they have many spams.
There’s an OpenBSD 4.6 machine configured as Firewall.
Local area network can only use ports : 443, 80, 25, and 110 (out), nothing is open (IN). Is there a way to filter spams ? Attached a small diagram.
Thank’s
Attached Images
File Type: png 3wks1firew.png (9.4 KB, 11 views)
Reply With Quote
  #2   (View Single Post)  
Old 21st January 2010
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,431
Thanked 214 Times in 189 Posts
Default

Yes, it is possible to "filter" spam, but ... the methods have nothing to do with your firewall configuration.

PF, as you know, filters -packets- by rules related to framework (IP address, flags, protocol, port for TCP and UDP), and by state. It does not inspect data within the packets. Nor can it interpret any number of packets, assemble them, and interfere with communication at higher level protocols (such as SMTP, POP, or IMAP).

There is a built-in greylisting tool called spamd(8), which is used to reduce, but not eliminate, -incoming spam- from botnet sources, but incoming spam to a mail server, -not- to a workstation, and you are not running a mail server.

There are any number of tools that can be installed on your workstations, or, on your server, that can help the workstation mail clients -inspect- incoming mail and help classify the mail and then dispose of it, deposit it in a particular folder, or pass it through normally. These tools must be -integrated- with the mail client software being used. One popular tool for this purpose is SpamAssassin, which is in the Ports and Packages system as mail/p5-Mail-SpamAssassin, but there are many other options.

(If your are permitting outbound traffic for destination port 25 (SMTP), and are -not- restricting it to specific mail server addresses, you are not preventing your workstations from spewing spam in the event they are ever taken over by botnets themselves.)

Last edited by jggimi; 21st January 2010 at 06:04 PM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
sshguard and packet filter sputnik OpenBSD Security 0 18th April 2009 02:11 PM
packet filter configuration. bsdnewbie999 OpenBSD General 1 23rd October 2008 08:54 AM
question about Packet Filter (pf) milo974 OpenBSD Security 2 31st July 2008 01:39 PM
Invalid capture filter: "not ip host "! ccc FreeBSD General 2 19th June 2008 08:12 PM


All times are GMT. The time now is 02:46 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick