Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 39 subscribers
  • Views 1033 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Black listed server

Jesus Campos

Hi,

I have had a web server continuously marked in cbl.abuseat.org blacklist. I can't find which one it is... I know that I can block the port 25, but I would like to know wich one is the spammer....

Any ideias how to find it in logs?

Best regards.



This thread was automatically locked due to age.
Parents
  • 0

    As suggested, here the thinks that I did:

    • I blocked all host to access to the port 25 except the 2 mail server.
    • Configured all server to use a relay host with one of the internal mail server.
    • To users that want use external mail servers, opened the port 587 and 465.
    • Will monitor mail log in the internals mail servers.

    Still 2 questions:

    • I had to disable the scan SMTP in the rule of the internal mails servers because the SNAT rule. I have 2 SNAT rules to decide which external ip use in each mail server. Exist some way to do the scan in the sophos and make a SNAT based on the origin of packet?
    • Exist some way to read firewall log in console?

    Thanks.

Reply
  • 0

    As suggested, here the thinks that I did:

    • I blocked all host to access to the port 25 except the 2 mail server.
    • Configured all server to use a relay host with one of the internal mail server.
    • To users that want use external mail servers, opened the port 587 and 465.
    • Will monitor mail log in the internals mail servers.

    Still 2 questions:

    • I had to disable the scan SMTP in the rule of the internal mails servers because the SNAT rule. I have 2 SNAT rules to decide which external ip use in each mail server. Exist some way to do the scan in the sophos and make a SNAT based on the origin of packet?
    • Exist some way to read firewall log in console?

    Thanks.

Children
No Data
Unfiltered HTML