Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How to Block Files on Domino R5.
- Thread starter ckchia
- Start date
Hi ckchia!
1. You should block receiving mail on your SMTP from "ill-behaved" IPs like I did: I've denied receiving from most anonymous proxies, open relays (see and so on.
2. If you can't do (1) because of any reason, you should consider to use 3rd party SMTP server with antiviral capabilities.
3. You may buy special LN-compatible antivirus like KAVLotus (Kaspersky Labs) Sergei "the Scandalist" Agarkoff
FIDO://2:5041/1
ICQ://124323894
1. You should block receiving mail on your SMTP from "ill-behaved" IPs like I did: I've denied receiving from most anonymous proxies, open relays (see and so on.
2. If you can't do (1) because of any reason, you should consider to use 3rd party SMTP server with antiviral capabilities.
3. You may buy special LN-compatible antivirus like KAVLotus (Kaspersky Labs) Sergei "the Scandalist" Agarkoff
FIDO://2:5041/1
ICQ://124323894
We use TrendMicro NeatSuite 3.5 and Interscan (with content Management) and find it does a good job of blocking almost any type of spam and/or email with attachments.
Also, on Lotus recently introduced a download in the "Iris Sandbox" portion of the R5 Gold forum that will delete spam at the user/in-box level by using a modified mail template. There are also things you can do at the configuration document level to block delivery of mail from specific ip addresses and domains.
Good luck!
Also, on Lotus recently introduced a download in the "Iris Sandbox" portion of the R5 Gold forum that will delete spam at the user/in-box level by using a modified mail template. There are also things you can do at the configuration document level to block delivery of mail from specific ip addresses and domains.
Good luck!
I have nothing bad to say about TM's antiviral soft, but I have very little experience with it: only with version included with FixIt Utilities. "My" Kaspersky also works just fine.
As to blockade, I using two main methods:
1. See paragraph (1) of my previous answer and your own suggestion about "configuration document". But this metod have one disadvantage.
It requires server to work hard prohibiting connections, analysing documents, writing logs and so on... But why the Domino server must do such crappy job? No, it does not! So, I combining "m1" wityh method 2:
2. We've set up "routing & remote access" service on win2k where my main server is installed. And now I blocking annoying IPs directly in "inbound filters" tab of "connection properties".
And now the IPs are checked and rejected if necessary BEFORE they reach server. For example, many USA' one relays tried to send spam via my server. Now most of them (.att.net, global-something.com and many others) are blocked. Using netmask I blocking entire subnets of C/D classes and even 2 or 3 nets of class B.
Advantage: no shit in server's log, no unnecessary delays in server's operations and so on...
I think that the spam/virus protection measures should not rely on only one method: "armour vs bullet confrontation" But two-three-layered active armour is much better than even very good and very thick but one-layered passive armour. ;-) Sergei "the Scandalist" Agarkoff
FIDO://2:5041/1
ICQ://124323894
As to blockade, I using two main methods:
1. See paragraph (1) of my previous answer and your own suggestion about "configuration document". But this metod have one disadvantage.
It requires server to work hard prohibiting connections, analysing documents, writing logs and so on... But why the Domino server must do such crappy job? No, it does not! So, I combining "m1" wityh method 2:
2. We've set up "routing & remote access" service on win2k where my main server is installed. And now I blocking annoying IPs directly in "inbound filters" tab of "connection properties".
And now the IPs are checked and rejected if necessary BEFORE they reach server. For example, many USA' one relays tried to send spam via my server. Now most of them (.att.net, global-something.com and many others) are blocked. Using netmask I blocking entire subnets of C/D classes and even 2 or 3 nets of class B.
Advantage: no shit in server's log, no unnecessary delays in server's operations and so on...
I think that the spam/virus protection measures should not rely on only one method: "armour vs bullet confrontation" But two-three-layered active armour is much better than even very good and very thick but one-layered passive armour. ;-) Sergei "the Scandalist" Agarkoff
FIDO://2:5041/1
ICQ://124323894
Wow, you're good. I am in a small environment (1 combination Domino mail/application server) with only 50 users. So, I don't have a situation where my server is taxed too heavily. But, I see your point.
My contract network engineer and I decided to go the easiest route, to be honest, and let third part software take care of our situation. It has been fairly effective, although the Interscan had some bugs and needed a patch applied to work optimally. TM NeatSuite w/TM Interscan 3 with content management is loaded on a separate server than my mail, so all incoming/outgoing mail goes to the virus wall/interscan connector to be checked, then comes into my mail server. Nothing really logs that much to my mail server now, except mail routing info, i.e.-sent to ip.address.tmserver, and mail received from same.
But, I will forward your info to my network engineer.
Thanks!
My contract network engineer and I decided to go the easiest route, to be honest, and let third part software take care of our situation. It has been fairly effective, although the Interscan had some bugs and needed a patch applied to work optimally. TM NeatSuite w/TM Interscan 3 with content management is loaded on a separate server than my mail, so all incoming/outgoing mail goes to the virus wall/interscan connector to be checked, then comes into my mail server. Nothing really logs that much to my mail server now, except mail routing info, i.e.-sent to ip.address.tmserver, and mail received from same.
But, I will forward your info to my network engineer.
Thanks!
As to my environment, I working in Russia State Pension Fund, the division on Jewish Autonomous Region, local HQ.
At here we have about 100 local users with one server 5.0.10a and 4 districts with 10-15 users and one server in each.
Using dialup networking districts calls to us, and using internet we contacts with some of main HQ's servers.
So, security ("the data security" and "viral security"
is very important issue. But the most problem is the spam and relaying.
Your "mail pre-checking" is good idea, but I still think that the IP stack must defend your env from spam. I see no any necessity in spending of time to filter that sstuff using "normal" (non-system) programs: "The machine must work while human must think!" (IBM)
Sergei "the Scandalist" Agarkoff
At here we have about 100 local users with one server 5.0.10a and 4 districts with 10-15 users and one server in each.
Using dialup networking districts calls to us, and using internet we contacts with some of main HQ's servers.
So, security ("the data security" and "viral security"
is very important issue. But the most problem is the spam and relaying.Your "mail pre-checking" is good idea, but I still think that the IP stack must defend your env from spam. I see no any necessity in spending of time to filter that sstuff using "normal" (non-system) programs: "The machine must work while human must think!" (IBM)
Sergei "the Scandalist" Agarkoff
- Status
