Postfix SMTP Monitoring

10speed705 · 06-06-2009, 10:17 PM

Hello all,

I am looking for some effective ways to monitor my smtp server and fight the battle of spamming. what we normally do is monitor the IP address and then peg off the ones that do not belong to our network. I am curious if anyone else have suggestions as it is rather difficult to find spam coming from computers within our network and IP pools. with a rather large amount of virus's now sending mail and most client computers being infected due to poor use and security on home computers it is getting rather difficult. any suggestions would be great

linusali · 06-07-2009, 04:22 AM

Why don't you use spamassasin for blocking the spam?

Regards,

10speed705 · 06-07-2009, 10:25 PM

We offer smtpauth/sasl connections on outgoing and in alot of cases smtp auth is compromised mainly as a result to phising. need some way to watch it in the mean time

scheidel21 · 06-18-2009, 08:49 AM

Maybe amavis-new might assit you it will interface with spamassassin and any of several AV apps both commercial like Kaspersky and opensource like clamav It shouldn't have an effect on authentication as postfix will do that, what happens it postfix will recieve the mail and pass it to amavis on localhost

ort then amavis runs it through the process and then spits it back to postfix on locahost

ort2 and postfix does what it needs with it, like sending it out, or sending it to your local mailserver for placement is user mailbox. All you need to do is setup quarantine mailboxes for various things in case of misidentification.

RJ76 · 06-19-2009, 10:23 AM

I use the open-source MailScanner with ClamAV, spamassassin and MailWatch (web interface for MailScanner) on my mail gateways which does (if you configure it) everything you require (and a lot more). I have found it to be a fantastic and highly customisable system.

MailScanner interacts with a number of MTA's (Postfix, Sendmail, Exim and probably a few more), and SpamAssassin for spam detection, plus a whole load of virus Scanners (including ClamAV which is open source and free!).

You can use a number of different spam and phishing fighting techniques and technologies with MailScanner, too many to name here, and indeed your MTA. Its well worth investigating as I`ve been running it for years and its been brilliant.

The MailWatch web interface allows you to monitor email flow to and from your servers and also and manage black/whitelists all from a web interface, and its all stored in a MySQL database.

Its well worth visiting their site: http://mailscanner.info, there is a lot of useful info on there to get you started.

Hope this helps, its just one suggestion which has proven invaluable to me. Good luck with your spam and virus fighting!