We are having a problem in our network related to spam and viruses.
The setup of our network is like this.
All of our clients are connected to our gateway, which has Microsoft ISA server and goes out to our ISP, and we don't have any local mail server. Our emails and website are managed by an outside company. We only get to log in to the cPanel, where we can add/forward and manage our emails.
Now the problem is happening every 2 or 3 days: our IP address gets blocked by the email provider, where we can't send/receive any email.
Or it gets blocked by the ISP, where only sending stops working (port 25).
Now, though our antivirus is scanning our computers and deleting whatever it finds, it is still not enough (we are using ePolicy Orchestrator 4.5 from McAfee, which has an anti-spam utility only for Exchange server).
I am responsible for this network and am thinking of configuring Microsoft Exchange server and using the spam utility in McAfee to scan the emails.
Or get a Linux box and configure the mail server on it?
Now my question is: if I go with the Linux box and configure a mail server on it, will that help me get rid of the spam, so that eventually our IP won't get blocked?
And if so, how would that happen?
You have got to get a more detailed report from your ISP on what is blocking your email.
Installing another mail server does not look like a solution for you.
It may be a local computer that is infected with something; that is for you to find out, as soon as your ISP tells you what's really going on.
Setting up a corporate mail server on Linux can be a major piece of work, and nothing you will want to do unless you have to.
Thanks for your reply.
The only detail we get is that we are sending too much spam and our IP address is blocked on port 25. The problem is we are not able to monitor the situation. It's like we have no control over it. Though we check the PCs on our network and there are some viruses, even after they are cleaned out we still have the problem.
What I am trying to do these days is upgrade our Windows to SP3 and install IE8 with all the security upgrades, hoping this might give us a good result.
I am open to any other suggestions.
It has been a couple of years since I used ISA server, but I remember that it has excellent logging/tracing facilities, so if all your traffic goes through that server, then there should be no problem starting a trace on the ISA server and finding out which PC is sending the e-mails.
Just add some criteria like outgoing port 25 (or whatever port you are using to communicate with your external mail manager), and a look in the trace log will reveal any suspicious traffic.
I cannot help you with more details on tracing with ISA, but search for "isa server packet filtering" on Google, and you should find some useful info.
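The trace described in the post above, as an added example that is not part of the original thread: it reads a gateway log export, keeps outbound port 25 connections that do not go to the hosted mail provider, and lists internal hosts that contact several different SMTP servers. The log layout, column names, provider address and sample lines are constructed assumptions, not the actual ISA Server log format.

```python
from collections import defaultdict

SMTP_PORT = "25"
# Assumption: address of the hosted mail provider's SMTP server (documentation range).
PROVIDER_SMTP = {"203.0.113.10"}
# Hypothetical column names; change them to match the #Fields header of your export.
FIELD_SRC, FIELD_DST, FIELD_PORT = "src-ip", "dst-ip", "dst-port"

# Constructed sample log: tab-separated, W3C-style, with a #Fields header line.
SAMPLE_LOG = "\n".join([
    "#Fields: date\ttime\tsrc-ip\tdst-ip\tdst-port\taction",
    "2010-03-01\t09:00:01\t192.168.1.20\t203.0.113.10\t25\tAllowed",
    "2010-03-01\t09:00:02\t192.168.1.35\t198.51.100.7\t25\tAllowed",
    "2010-03-01\t09:00:02\t192.168.1.35\t198.51.100.8\t25\tAllowed",
    "2010-03-01\t09:00:03\t192.168.1.35\t198.51.100.9\t25\tAllowed",
    "2010-03-01\t09:00:04\t192.168.1.20\t198.51.100.80\t80\tAllowed",
    "2010-03-01\t09:00:05\t192.168.1.35\t198.51.100.7\t25\tAllowed",
    "2010-03-01\t09:00:06\t192.168.1.41\t203.0.113.10\t25\tAllowed",
])


def smtp_talkers(log_text):
    """Per internal host: port 25 connections that bypass the provider's server."""
    columns = None
    stats = defaultdict(lambda: {"connections": 0, "destinations": set()})
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # Read the column order from the header instead of hard-coding it.
            columns = line[len("#Fields:"):].strip().split("\t")
            continue
        if not line.strip() or line.startswith("#") or columns is None:
            continue
        row = dict(zip(columns, line.split("\t")))
        dst = row.get(FIELD_DST)
        if row.get(FIELD_PORT) != SMTP_PORT or dst in PROVIDER_SMTP:
            continue  # not SMTP, or normal submission to the hosted provider
        entry = stats[row.get(FIELD_SRC, "?")]
        entry["connections"] += 1
        entry["destinations"].add(dst)
    return dict(stats)


def suspects(log_text, min_destinations=2):
    """Hosts that deliver SMTP directly to several different servers."""
    talkers = smtp_talkers(log_text)
    return sorted(s for s, v in talkers.items()
                  if len(v["destinations"]) >= min_destinations)


if __name__ == "__main__":
    print(suspects(SAMPLE_LOG))
```

A workstation that only uses the hosted mailbox should reach port 25 on the provider's server alone, so any host returned by `suspects` is the one to isolate and clean first.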
From various threads around this forum, it sounds like you may be having an issue relating to mail relay. If you do a search for "mail relay", particularly in the Security forum, you should find some good tips as to how to track it down and fix it.
Because of this, I have moved this thread over to Linux-Security.