SurgeMail Archive: Re: [SurgeMail List] Re: what log files to look thru for to catch a spammer

Subject:	Re: [SurgeMail List] Re: what log files to look thru for to catch a spammer
From:	surgemail-support
Date:	24-Feb-2016
You could try the same trick isp's use. Internally on your firewall block port 25 from everything other than your mail server. email clients inside your network should be using port 587 to talk to outside mail servers, (or your mail server internally)... ChrisP. On 25/02/2016 11:34 a.m., surgemailHIDDEN@etwinsite.com wrote: > Thanks Chris, > > Unfortunately Comcast chooses not to play in an "ideal world". I guess I should be thankful they let me know anything at all before summarily chopping me off at the knees... The best they could offer was an indication of what IP the spam was coming out of. They definitely were not interested in looking at time windows or providing a sample. > > I have been monitoring my port 25 connection traffic on my firewall occasionally hoping I might find a burst of outbound and found nothing so far. So maybe I got it with irradiating the single trojan I found on one workstation. > > Thanks again. > > DaveC > > > surgemail-support <surgemailHIDDEN@t@netwinsite.com> wrote: > Ideally you need a sample spam message to back trace into your system to be 100% sure.... most places will at least give you a 'time window' > when it occurred so you can at least examine outgoing messages in that time period to see if anything looks suspect. > > One thing to be aware of is that back scatter could be the problem, although the normal settings in surgemail make that unlikely. > > ChrisP. >

Last Message | Next Message


Search website: