rssLink RSS for all categories
 
icon_red
icon_green
icon_red
icon_red
icon_blue
icon_green
icon_green
icon_red
icon_red
icon_red
icon_orange
icon_green
icon_green
icon_green
icon_green
icon_blue
icon_green
icon_orange
icon_red
icon_green
icon_red
icon_red
icon_green
icon_red
icon_red
icon_red
icon_red
icon_orange
icon_green
 

FS#4889 — FS#8819 — anti-spam network

Attached to Project— Network
Maintenance
Whole Network
CLOSED
100%
We are carrying out setup tests on the duplication of outgoing email flow.
The idea is to duplicate all the traffic created by customers, going out
through port 25 (smtp) on an anti-spam network, and then to analyse the sample of
emails leaving our network in real time by IP, in order to control
whether the IP sends spam or not.
If we detect an IP that does send spam, the aim is to be able to block the
flow of (only) port 25, in less than 5 seconds after spam is first detected.
All this without affecting the service performance for the customers
that do not spam.

In actual fact, we have far too many spam issues and it isn't enough to shutdown the
servers a few hours after having detected the spam. It's too late.
It must be done in real time and must be able to block the flow in a matter of
seconds. So we are thinking of how to successfully cleanse our network of spammers
(who can order servers like everyone else, in just a few minutes)

Date:  Thursday, 01 August 2013, 01:20AM
Reason for closing:  Done
Comment by OVH - Monday, 17 June 2013, 16:26PM

The duplication of outgoing smtp flow has been set up.

We have 2.5Gbps to analyse in real time.


Comment by OVH - Wednesday, 19 June 2013, 13:37PM

We are thinking of launching the R&D in a few days,
the time it will take to build the server powerful
enough to perform all analysis operations locally,
then extracting only the stats on the amount of spam by IP.