As for spam blocking, Postgrey (or an equivalent greylisting system) combined with a few RBLs is the best and simplest way to go.
As for solving your particular problem, I recommend blocking port 25 outgoing (use iptables) for all hosts except the mail server. That should stop any compromised LAN hosts from getting you blacklisted. On Jul 6, 2012 6:39 PM, "[email protected]" <[email protected]> wrote: > Postgrey is also worth checking out. > > On 6 July 2012 14:32, francis zziwa <[email protected]> wrote: > >> Kiggs, >> Use SPAM Assaasin and also ensure you use SMTP authentication using SSL >> certificates for all ougoing emails from the Outlook clients. >> I suspect you have a spambot on the networking which is automating the >> process of "sending out spam from that your LAN IP". >> Also look at: >> http://www.cyberciti.biz/faq/postfix-smtp-authentication-for-mail-servers/ >> >> >> http://postfix.state-of-mind.de/patrick.koetter/smtpauth/smtp_auth_mailservers.html >> >> Kind regards, >> Francis >> >> >> On Fri, Jul 6, 2012 at 2:22 PM, Kiggundu Mukasa <[email protected]> wrote: >> >>> >>> >>> I have a problem that maybe someone can help with >>> >>> I have a linux box with postfix (SuSE 12.1) at a client. The box is the >>> gateway. >>> >>> I am not in charge of the LAN Hosts so cannot vouch for them BUT have >>> been assured that they are all covered by the latest Kaspersky and have >>> been scanned again and again (this has been going on for a week) >>> >>> When i check the mail queue there is a lot of SPAM >>> >>> I finally got a log analyzer (pflogsumm) for the logs and here is what I >>> get (The important bits) >>> >>> >>> connections time conn. avg./conn. max. time host/domain >>> ----------- ---------- ---------- --------- ----------- >>> 2109 -583:-20:-59 -995s 301s 127.0.0.1 >>> 1964 16:43:25 31s 313s 41.190.3.96 >>> >>> >>> >>> Senders by message count >>> ------------------------ >>> 3889 [email protected] >>> >>> So the thing I do not understand is that it is saying the server itself >>> 127.0.0.1 sent 2109 messages >>> And the biggest sender address was [email protected] who sent >>> 3889 messages >>> >>> I have used >>> http://www.checkor.com/ >>> and >>> http://www.mxtoolbox.com/diagnostic.aspx >>> >>> And the server is not an open relay >>> >>> I have also checked the box and I am the only one logging in. >>> >>> Any clues anyone? >>> >>> Kiggs >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> -- Acta Virum Probant -- >>> >>> >>> _______________________________________________ >>> The Uganda Linux User Group: http://linux.or.ug >>> >>> Send messages to this mailing list by addressing e-mails to: >>> [email protected] >>> Mailing list archives: http://www.mail-archive.com/[email protected]/ >>> Mailing list settings: http://kym.net/mailman/listinfo/lug >>> To unsubscribe: http://kym.net/mailman/options/lug >>> >>> The Uganda LUG mailing list is generously hosted by INFOCOM: >>> http://www.infocom.co.ug/ >>> >>> The above comments and data are owned by whoever posted them (including >>> attachments if any). The mailing list host is not responsible for them in >>> any way. >>> >> >> >> _______________________________________________ >> The Uganda Linux User Group: http://linux.or.ug >> >> Send messages to this mailing list by addressing e-mails to: >> [email protected] >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> To unsubscribe: http://kym.net/mailman/options/lug >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> http://www.infocom.co.ug/ >> >> The above comments and data are owned by whoever posted them (including >> attachments if any). The mailing list host is not responsible for them in >> any way. >> > > > > -- > Simon Vass > > > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: > [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. >
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
