Hi Danny, So, you allow LDAP queries from hosts on an anonymous access DMZ. How do you mitigate the security issues involved with that. Yes, I know the convention wisdom in some circles say don't accept mail to non-existing accounts, but then you have to allow LDAP from a very low security zone. A very poor compromise. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls **Who is John Galt?** > -----Original Message----- > From: Danny [mailto:nocmonkey@xxxxxxxxx] > Sent: Tuesday, January 03, 2006 1:05 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Re: How I spent my Christmas vacation - > Email found in subject > > http://www.ISAserver.org > > On 1/3/06, Joseph Danielsen <JDanielsen@xxxxxxxxxxxxxxxx> wrote: > > Dan: > > > > In my case, I do filter Recp not in AD, but I read GFI's > manual which > > suggested that sending the NDR to spammers would simply > convince them to > > take the email address off of their list. Even IF that were > true (and > > it's not) the cost was too high. > > 1) Do not *send* (this means a new message; I am not referring to > rejecting the email in the original SMTP conversation [that should be > your goal]) NDR's to anyone outside of your domain/organization > 2) Do not accept email sent to recipients that do not exist! > 3) Do not send email to spammers > > > It seems as though I stopped making changes like that about the same > > time I stopped eating pills found on the ground...just to see what > > they'd do to me :) > > > > > Please don't beat me up on this one < > > Google: email backscatter > > ...D > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >