I think I located the problem. I discovered through one of the blacklist hosters when exactly they received the spam and that helped me track it to a virus infected windows box.
> > Using nmap / tcpdump / snort to find rogue SMTP hosts is the next step I > would pursue. Remember though, your hosts may not be causing the spam > and it could instead be spoofing of some kind. For that, you can't do > anything except talk to the mail providers that blacklisted your domain > and get things cleared up. These utilities where the direction of what I was looking for. Thanks for that - I will look at the use of each and how I can trace what is going on for future reference. > Ultimately, I suggest switching to entirely AUTH based SMTP though to > prevent this issue from occurring. You can either block port 25 from > being routed or use net/smtptrapd (see <http://smtptrapd.inodes.org/>). done. Thanks Garret _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
