Any way I now I do have a graph of out bound smtp traffic stats and know if any system is behaving unusually.
yup - mrtg and look for sudden spikes in outbound traffic - throw a shaper / QoS the traffic down if you sense something going on.
In fact there's a rather good product that does just this - http://www.spamsquelcher.org (kind of an IDS - but looks for spam patterns, works on the principle that spam and DDoS can be combated in much the same ways)
all proxy ports are blocked from outside to our dynamic customers. So it's a compromised machine.
Be aware that there are several trojans that open up proxies on random higher numbered ports, and then phone home to the trojan author - he can then use those to send out spam. There was a wired mag article about this as well, if you want to dig for more details.
Hm.. I have tried mailing them. but no response, excite took about 2 months. They all want spammers to be shut down immediately, but open the block at their leisure.
That is sometimes a problem that I have encountered.
Email me offlist. Maybe I can help.
srs
-------------------------------------------------------
This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo
The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
