OT: Linux question
Fairlight
fairlite at fairlite.com
Tue Jun 14 12:18:12 PDT 2011
Confusious (Bob Thomason) say:
> Since some of you on this list are linux gurus, I'm posting the following
> request.
>
> I have a client who is running a linux firewall and email is passing thru
> to a backend email server (btw I support the fw server). Email server is
> Lotus Notes.....I think. So the firewall is not logging email traffic
> except for outgoing (port 25).
>
> The problem is that my client has over 100 machines on their
> lan.......some in remote locations ....and they have had a problem(s)
> with virus/malware issues on one or more machines.
>
> What we are looking for is a way to track email traffic that will allow
> us to identify traffic to a machine that may be suspicious.
>
> The logs from the internal email server are not sufficient.
>
> Any suggestions?
You don't say -exactly- what information you want to track that is not
sufficient in the mail logs.
What -do- you want to grab from each message?
Are you purely using the linux box as a firewall, or are you using sendmail
or another MTA as a relay to the Lotus Notes machine?
mark->
--
Audio panton, cogito singularis.