
BLACKHOLE LIST IMPLEMENTATION

dthomaz
Level 1

I would like to know where the best place is to implement a blackhole list against spammers.

@ the PIX rules

@ the BGP border router

Thanks,

Dave

3 Replies

shannong
Level 4

What type of mail server do you have? I would recommend a dynamic RBL server rather than trying to maintain ACLs on a network device.

I would recommend that you do it on the pix.

1. It is by design meant to be the central point of access control to the outside world.

2.The use of turbo ACLs allows the pix to use very long ACLs very efficiently, with all lookups being done in a hash table in 5 steps.

3. The use of an object-group would make the administration simple. Rather than modifying an ACL, you would simply add a new address to the object-group that is already referenced in an ACE.

Do you have a URL to a config sample? Does it work with PIX 6.2?

Thanks,

Dave

If you're talking about object-groups, the URL below explains their use.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800d641d.shtml
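
The object-group approach discussed in this thread, as an added example (not from the posters or from Cisco's tech note): a Python helper that turns a blackhole list into PIX `object-group` commands, so the deny ACE is written once and only the group membership changes. The group name `SPAMMERS`, the ACL name `outside_in` and the sample addresses (documentation ranges) are assumptions.

```python
import ipaddress


def build_blackhole_config(entries, group="SPAMMERS", acl="outside_in"):
    """Return PIX config lines for a list of IPv4 hosts or CIDR blocks.

    `group` and `acl` are hypothetical names; use the ones on your firewall.
    """
    nets = []
    for raw in entries:
        text = raw.split("#", 1)[0].strip()  # allow comments and blank lines
        if not text:
            continue
        # strict=False accepts 198.51.100.77/24 and normalises it to the network
        net = ipaddress.ip_network(text, strict=False)
        if net.version != 4:
            raise ValueError(f"IPv4 only: {text}")
        if net.prefixlen == 0:
            raise ValueError("refusing 0.0.0.0/0: it would block every sender")
        nets.append(net)

    lines = [f"object-group network {group}"]
    # collapse_addresses drops duplicates and merges adjacent or overlapping
    # blocks, which keeps the group (and the expanded ACL) as short as possible
    for net in ipaddress.collapse_addresses(nets):
        if net.prefixlen == 32:
            lines.append(f"  network-object host {net.network_address}")
        else:
            lines.append(f"  network-object {net.network_address} {net.netmask}")
    # One ACE references the whole group; later additions touch only the group.
    # It must sit above any ACE that permits SMTP to the mail server.
    lines.append(f"access-list {acl} deny tcp object-group {group} any eq smtp")
    return lines


if __name__ == "__main__":
    # Constructed sample list using RFC 5737 documentation addresses
    sample = [
        "192.0.2.10",
        "192.0.2.10            # duplicate entry",
        "198.51.100.0/25",
        "198.51.100.128/25     # merges with the line above into a /24",
        "203.0.113.5/32",
    ]
    print("\n".join(build_blackhole_config(sample)))
```

The generated ACL still has to be bound to the outside interface with `access-group`, and the group only blocks sources you have listed by hand, which is the maintenance cost the dynamic RBL suggestion avoids.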