How can I stop incoming email from an IP address if the IP address is
entered in the TCP Filter to deny access to alI ports and mail is
still reaching our servfer? Iam running a Mac mail server using ASIP
6.3 running OS9 and have setthe TCP Filter to deny access to certain
IP addresses which were identified as junk senders. Mail from those
IP addresses is being still being received by email clients on our
server. |
Request for Question Clarification by
maniac-ga
on
28 Mar 2004 18:57 PST
Hello Rontu,
Hmm. As a long time Mac user I can understand the problems you are
having, but it may best if I suggest one or more alternative
approaches.
There appear to be several problems with AppleShare IP 6.3 and the
mail server that may be difficult to avoid. For example:
http://www.mrbarrett.com/mirrors/ASIP_Black_Magic.html
describes several problems - with some workarounds. Some of the
workarounds will disable TCP filtering and the document repeatedly
suggests looking at
http://www.opendoor.com/
for TCP filtering. Opendoor makes a variety of network services for
Macintosh. The firewall in particular was picked up by Norton
http://www.symantec.com/sabu/nis/npf_mac/
which for a moderate cost (about $70) gives you a more capable
firewall including by port and by address filtering, monitoring, etc.
This may be enough for your site - I'm not sure.
Another good reference is:
http://www.macintouch.com/mailserverrelay.html
which has descriptions and a number of additonal links about operating
a mail server securely. It also [sarcastically] notes that Apple uses
Netscape Messaging Server on iTools.mac.com. There are other
suggestions to use Communigate Pro.
Please let me know if you want an answer that gives you options [of
similar products] instead of trying to fix the broken software
directly. I would make sure the products recommended will work on OS 9
and if an upgrade to run on OS X is available.
If not, you may want to describe the steps you have taken already so
we can avoid recommending the "failing" methods. I would also try to
provide other references on "best practices" to help secure your
systems.
--Maniac
|
Clarification of Question by
rontu-ga
on
29 Mar 2004 03:03 PST
To clarify, I want to address this issue only for a mail server - we
don't have a website. We will soon move to OSX Server but for now are
on ASIP 6.3. Our server is on a network that is behind a Netopia
Router running NAT.
This stiuation is I enter an IP address in the TCP Filter of ASIP 6.3
to deny access to all ports such as 216.21.229.*** . We continue to
receive junk mail on our client machines that shows it comes from
216.21.229.105 or 216.21.229.112 etc. My question is how to cure
that. It seems that my putting an IP address in the TCP Filter to
deny access in some cases works and in some cases does not.
I'm finding that mail from the IP addresses I'm trying to block is
arriving under numerous different domain names all using the same IP
address - I'm seeing this in the Host List when I run the MacOS Admin
and check the statistics for names on the Host List.
Thank you,
Rontu
|
Clarification of Question by
rontu-ga
on
29 Mar 2004 03:06 PST
I have not tried anything to date except to block IP addresses in the
TCP Filter. I would like to find a remedy first by using ASIP 6.3
avoiding addl software if possible.
|
Clarification of Question by
rontu-ga
on
29 Mar 2004 08:36 PST
I took a look at Norton's Personal Firewall - it's NG because it
requires OS9.2 and the server is running OS9.0 - can't upgrade to
OS9.2 unless I upgrade the version of ASIP which I don't want to do
since we'll be soon abandoning it and moving to OSX Server.
I looked thru the remaining info you cited but don't see a remedy yet
to my initial query.
Thanks
Rontu
|
Clarification of Question by
rontu-ga
on
22 Apr 2004 19:25 PDT
Junk mail is still being received from IP addresses that are entered
to deny access to all ports in the TCP Filter on ASIP 6.3 -
|
