[CentOS] How to handel smtp to public servers

Wed Jun 27 09:15:30 UTC 2012
Götz Reinicke <goetz.reinicke at filmakademie.de>

Am 27.06.12 10:29, schrieb Fajar Priyanto:
> On Wed, Jun 27, 2012 at 4:23 PM, Götz Reinicke
> <goetz.reinicke at filmakademie.de> wrote:
>> Hi,
>> we do have some subnetworks for private computers, which are allowed to
>> use there public smtp servers like msn, web.de or whatever with the
>> users private accounts.
>> All our own computers have to send mail trough our mailserver with user
>> authentication.
>> From time to time we are faced with the fact, that a virus infected
>> private notebook sends spam and we are told by our ISP to take care :)
>> What might be a good choice to allow clients to send unrestricted
>> transparent mails (= use smtp(s)) but we can monitor? E.g. like a
>> redirect or proxy for smtp?
>> I like to know which private computer sends lot of mail. :)
> Hi,
> 1. Many malware have their own smtp and can send spam directly.
> To overcome this, block port tcp 25 on your gateway, and only allow
> your mailserver.
>>From the firewall log then you will know which client is infected.
> 2. In the case that the malware use your mailserver to send the spam,
> there are plugins to log how many email sent by which client.

Hi, thanks for your suggestion. But for the mentioned clients thats not
possible. :/ (For our own we do exactly as you suggest :) )

We do have about 100th of freelancers 'flying in and out' of our academy
which we cant 'restrict' by forcing tham to change there clients settings.

But may be we have to think about that if thats the only chance we have....

Götz Reinicke

Tel. +49 7141 969 82 420
Fax  +49 7141 969 55 420
E-Mail goetz.reinicke at filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg

Eintragung Amtsgericht Stuttgart HRB 205016

Vorsitzender des Aufsichtsrats:
Jürgen Walter MdL
Staatssekretär im Ministerium für Wissenschaft,
Forschung und Kunst Baden-Württemberg

Prof. Thomas Schadt