I recently redid some network configurations and no longer need my Cisco
routers which had all my anti-spam access lists in place. I'm considering
putting similar packet filters in my PM2e's (which are in essence my
routers now) to deny smtp packets from known spamhauses and relayers. I've
read through the Configuration and Command Line guides, but am still a
little confused as to the implementation of filters on the portmaster
products.
1) The Configuration guide deals more with permit filters than deny
filters. Does this mean that once you implement any filters on a pm you
have to specifically permit packets or they'll be denied? Or can you just
implement a set of deny filters and everything else will pass through?
2) Say I wanted to deny smtp packets from a known spam domain's class c
and I've added a filter as "spam.in". Would this be the proper syntax to
do so?
set filter spam.in 1 deny 209.136.153.0/0 0.0.0.0/0 tcp dst eq 25 log
If not, where did I mess up? :)
3) What is the impact on the pm's performance by putting these filters in
place, assuming that the list of filters is not huge but maybe 25 or so
entries? Is using a Choicenet server a better option than having the
filters on the pm itself?
Thanks for your help,
Todd Jagger
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>