Security :: Spam Filter Software For ISP Environment.
Jan 24, 2011
We operate a small ISP and are currently using a debian distro as our gateway server.Recently we have had an increased number of spam issues with customers (not them sending it directly, rather the customer getting infected with a virus/malware and then their computer becoming a bot).I'd like to set up another gateway of sorts to sit after our authentication gateway but before our backbone to provide spam filtering (and hopefully virus filtering) for any traffic passing through which might be email.I've tried searching for any linux based software which would suit, but I'm coming up empty.
Surely there's something already out there which can perform this task.Finally, just to clarify, I'm not talking about spam filtering for email accounts we host ourselves (this is built into our mail server); I'm talking about spam originating from customers PC's which is passing through our gateway (but not our mail server).
View 1 Replies
ADVERTISEMENT
Feb 26, 2010
I followed this How To (https://help.ubuntu.com/community/Postfix) in order to add smtp authentication to my Postfix installation used as spam filter for my exhange server, and it'seem all ok; the only thing that I don't understand is where I list all the users (with passwords) that I authorize to send mail through my server...
View 3 Replies
View Related
Nov 4, 2010
1.Have installed ubuntu 10.04 on 2 pc's both run xp on 1 pc boot up selects xp the other selects ubuntu as the first choice. Why?
2.How do I uninstall ubuntu, and what effect will it have on xp ( both imported xp documents and settings ).
3.Do I need an antivirus or spam/malware filter?
View 4 Replies
View Related
Jun 22, 2011
I want to read my emails locally using Evolution & Thunderbird or some other mail client. I have bought a new domain and would want incoming emails sent to this domain ids to be scanned by a virus scanner & spam filter.I have read that MailScanner + SpamAssasin is a good combination/option. Are there any others for my requirement.I am not a Linux/Ubuntu expert - so a detailed step by step tutorial to set this up is what i am looking for.I am using Ubuntu 10.04 home user.
View 2 Replies
View Related
May 2, 2011
I have a system running at home that uses Getmail to retrieve mail from my ISP's pop server. Dovecot then offers that mail over IMAPs to my desktops running Thunderbird.
The reason I have resorted to using Getmail is because I don't have a static IP (from my ISP) for my server, and thus this server doesn't act as an MX.
I have implemented Spamassassin in my Getmail script as described here.
From further research, I understand that in order to fully utilize Spamassassin 's potential, I have to resort to training it with SA learn.
Currently I still receive spam messages, but 50% of spam is marked as ****SPAM****, and the other half is not marked at all.
My question is this:
1) How do I get getmail to move messages marked as spam by spamassasin to be moved to a JUNK folder within my mailbox automatically?
2) I thought of creating a folder where my users can move messages they deem to be spam, and set up a crontab script to invoke salearn regularly on this folder to get the bayes engine to learn from it. Is this the correct way of doing it?
View 6 Replies
View Related
Feb 8, 2010
I am new comer in this forum and the beginner on freeBsdI have a problem on how to implement the spam filter program on mail server, the problem is i have no idea on how to implement and test the spam filter program on the mail server and where should i put the program? is it in pop3?
View 3 Replies
View Related
Dec 26, 2010
When i run
Code:
I sometimes see
Code:
So i'm wondering if this means my ubuntu server box is being used for spam or something? There are no other (human) users on the computer and i don't use it to send mails.
I've run
Code:
In paranoia, but still when i run
Code:
I get
Code:
And sometimes
Code:
Just thought i should ask before starting the tedious process of reinstalling and restoring the system.
View 2 Replies
View Related
Nov 18, 2010
We have a spam in our network and we installed antivirus in all our systems and cleaned the virus from all pc's after that i had removed my ip from the database of blocked ip's but still my ip is blocked for sending spam i don't know from which pc the spam is going on the internet.
so i have a question that my proxy server is redhat linux and as a newbie i don't know the command's to find out which pc is creating large bandwidth to the internet. If you tell the command how to see which pc is sending spam then i will discard that pc. Also i want a strong firewall to stop spam activities.
View 6 Replies
View Related
Mar 8, 2010
I, as many here, have friends on different IM accounts (and btw, so great that we have pidgin and empathy and not have to deal with 3 different softwares to talk to them) and of all that I have... which are not so many... one of them sends me spam, not all the time, but it happens and I kind of feel sorry for her so I'd like to see if there's a way for her to retake control of her account or if she can't do anything at all with it.
I have other friends in MSN but I get spam only from her and she's given up on how to fix it cause she doesnt know how to. I did a search (and keep looking for more in the web) and so far it doenst look promising (but is also because I dont know what else to do). The problem is I get messages which I know for sure are spam, cause her english is more limited and the messages are very polished in that regard.
I got this from another discussion elsewhere: "troutbot = These bots get your IM from scraping the Internet screenname and connect you randomly to someone else. While you're talking to the troutbot, they're just an intermediary connecting you to some other guy who also had his IM scraped." So far the times I get spam... the other side never answers, but if my friend is online she can. I thought that on these IM services... if you are logged in nobody else can log in with your username/password...
View 4 Replies
View Related
May 3, 2010
After reading everything that says you don't need an anti-virus for Linux. OR Linux doesn't get viruses. Guess what I have a Virus. I don't know which one, but it is sending out spam emails from my webmail, MSN, account. I do not have a local client installed. I am guessing it is linking into MSN through Pidgin, getting the addresses there, and sending the spam, somehow, through MSN. Actually one MSN and one Hotmail account. I also have not been able to find an anti-virus program for Ubuntu. There do not seem to be any listed in the software repositories that Ubuntu links into. How do I get rid of it? My contacts are starting to get upset.
View 9 Replies
View Related
Jan 25, 2010
Take a peek at this:
Code:
Jan 23 20:15:01 localhost CRON[22629]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan 23 20:15:01 localhost CRON[22629]: pam_unix(cron:session): session closed for user root
[code]....
View 3 Replies
View Related
Oct 7, 2010
I have a server with a couple of sites on it. Some of them have a webform where people can send them emails that they are interested in their work etc. though the "To:" and "From:" adress can't be change by the enduser, you can only enter text and press send. However it seems that someone (not on the server) has found a hole/exploit to use those webforms to send mails to who ever he wants.. I have the webserver setup with ssmtp (simple smtp) and it just forwards the mail sent from the server to my mail-server and there on it sends it out on the internet. If I check my log on the mail-server I can see the whole smtp session, where it's comming from and where it's going etc. I see that it comes from my webserver and over there I only have these log entries:
Oct 6 22:04:47 ettan2 sSMTP[1771]: Sent mail for itaumail@itau.com.br (221 2.0.0 Bye) uid=204 username=torget outbytes=3290
There are loads of those log entries, mostly at after office-hours between 17:00 and 7:00 I have scanned through all the Apache logs and can't find Anything that point to the e-mail addresses used or something like that. The reason I found this out was because he tries to send to a host that doesn't allow connection on port 25 so all the mails got stuck in the queue, over 1000 atm.. I'm using Apache 2.2 and Postfix 2.6 on a Debian Lenny install. What can I do to find out how he's doing this and close the "exploit"? Who would you recommend to setup the mail() thing in PHP for most security?
View 6 Replies
View Related
Apr 30, 2009
I just setup SpamAssassin and what not following this tutorial
[URL]
I am using CentOS 5.3. I was half way through that and got an email that had ***SPAM*** in the subject. Haven't received any more. First of all I want to know if spam will still get delivered, and just have a modified subject. Second, I want to know how to set it up so Spam goes to a user's spam mailbox (Virtual Users). And third of all, is it possible to disable spam filtering on a user basis, preferably using MySQL tables? Is it possible for users to mark a message as spam, and all further messages sent from that address will be sent to spam folder but only for that user?
EDIT: Yes spam is getting delivered with a modified header, on the server site, how can i deliver to spam folder? how to create IMAP virtual mailboxes on request without having to send an email to them first? Using virtual users with Courier Imap
View 3 Replies
View Related
Apr 28, 2011
I have open ports on my computer for vsftpd, pptpd, and I need help to filter this ports because they aper as open ports on internet, and this is pretty risky
View 3 Replies
View Related
Jun 10, 2010
What is a good IP filter/firewall program? Seeing as how I like free softwares, I download a lot of torrents. When I was using Windows, I used PeerBlock (the newer fork of PeerGuardian), however, it's not available for Linux. What would be a good alternative for this in Linux? I tried iplist as it has a GUI, and it was extremely buggy and blocked random web pages even after I put them on the exceptions list. And MoBlock has no GUI from I understand, nor has it been updated in years.
View 9 Replies
View Related
Aug 6, 2010
We have approximately 100 retail locations that will have split vpn tunneling. Intranet traffic will flow over the vpn to the corporate headquarters, voip traffic will tunnel to a regional hub and internet bound traffic will go over the local isp. The retail locations are small with 1-8 users and no enterprise grade equipment (servers, etc). This setup in effect will render our current content filtering solution useless.
The locations will be equipped with Cisco ASA 5505 Firewalls. The original plan was to use a Websense server and the url filtering feature to act as a content filter. I just found out that pricing for Websense was not included in the budget will be a show stopper.There may also be some performance issues with this method. Putting a proxy server at each location is not really an option. We do not have the resources to place a server at each location, plus the users could simply unplug an inline device or go around it. There is minimal supervision at most of these locations.
Ideally, I would like to find a way to use something like Dansguardian with an ldap interface and the url filtering feature of the ASA firewalls. I found a program called n2h2p, but I can find 0 documentation for it. It is also 2 years old with no updates. I also need to be able totrally manage this as trying to keep up with 100 different configurations for 400 users would be virtually impossible for the amount of time I will have available
View 9 Replies
View Related
Jul 10, 2011
Does anyone know the iptables statement that will block inbound SMTP messages that are NOT S/MIME encrypted?
View 1 Replies
View Related
Apr 12, 2010
I have been assigned a task to implement a free open source content filter having feature of web, email, instant messaging etc. If any one has the information or worked on this type of product please share it.
View 8 Replies
View Related
May 19, 2010
How to filter condition based on full hostname? ie. allow inbound packets to port 25 if the packet comes from [URl]..
View 1 Replies
View Related
Aug 26, 2010
so how can I locate a printer behind a firewall? Is it possible to enumerate the subnet behind a router ( even if a connection has not been marked)?
View 3 Replies
View Related
Aug 25, 2009
I currently have the following email server set up:
Postfix with mysql backend
Dovecot
clamav
spamassassin
amavisd
And it all works great. However I would like it for amavisd to forward all the marked spam into a folder on each user account, but I cannot figure this out.
View 5 Replies
View Related
Mar 8, 2010
I have a batch job which logs in to the server every 10 minutes via windows rsh. The job checks to see is there are any files that need to be send via a EDI serverto a supplier.The following logwatch report is swamped with the login messages and would like to either suppress the logging in PAM? or suppress the entry in the logwatch report?But I still want logging id the username is not username1.Connections (secure-log) Begin rshd[1754]: pam_rhosts_auth(rsh:auth): allowed to username1@10.0.0.1 as myedi
View 2 Replies
View Related
Jul 26, 2010
On my website/blog I've gotten a couple of comments having what seems to be regular content (name, mail, message), but where the sender website field is set to "http://Yourwebsite". I find it strange that two comments from separate individuals fill the sender website field with this text. Is this possible to find out if these comments are spam or not? Based on the messages alone they don't seem to be, even though it is possible. From what I know the comments code don't enter this value by default.
View 2 Replies
View Related
Dec 15, 2010
I used Avast webfilter (proxied webtraffic through Avast) when running Windows. Sometimes Avast would alert and "protect" me from being infected by a compromised website. NOTE: Avast would alert even absent clicking any links. Just viewing the page could result in infection. Should I be running some kind of proxy webfilter for protection? My understanding is that Firefox can be compromised and this can in turn compromise Ubuntu.Are these kinds of threats specific to Windows running Firefox, or Firefox per se. If Firefox per se it seems like I need some sort of Proxy webfiltering like Avast provides.
View 9 Replies
View Related
Jul 3, 2011
We have a vpn that is accessible to anyone. We already block port 25, 587 and 465. But I am still receiving spam reports. I believe that the users of my vpn is infected by a virus or something that sends spam. Are there any other ways that spammer send spam mails without using the smtp ports?
My guess is that they are trying to send it by accessing a webmail. Have you heard of anything like that? how to block spam?
View 1 Replies
View Related
Nov 17, 2015
I use Debian Jessie + KMail on desktop side. My mail server has Spamassassin installed. My problem is that I receive some spam and it goes though the server-side filtering.
I mark all messages as SPAM in KMail but neither KMail or the server learn that those are spam and should not enter the inbox.
How to get rid of the messages? Unsubscribing is not an option - I don't want to click on any link contained in the mails.
View 6 Replies
View Related
Nov 5, 2010
When something comes in that gets sent straight to my junk mail folder, a notification STILL pops up... Also of note, I would like to stop notifications for my RSS feeds... I love my RSS feeds but this is ridiculous.
View 1 Replies
View Related
Feb 27, 2009
As of recently I've started receiving IM messages on one of my windows messenger accounts that I'm using with Pidgin that appear to be coming from certain contacts that have already been blocked. The messages are spam with a link to [URL]. Most probably there is something wrong with my security settings.
View 2 Replies
View Related
Jul 16, 2011
i have big problem see the message below
EB3B953E8934 3533 Sat Jul 16 22:41:24 discover@email.discover.com
(delivery temporarily suspended: host hrndva-smtpin02.mail.rr.com[71.74.56.244] refused to talk to me: 554 5.7.1 - Connection refused. IP name lookup failed for 203.121.27.186)
[code]....
View 2 Replies
View Related
Feb 3, 2010
Does anyone know how to block spam in the messenger Empathy? In my case it got to a level where I consider it as very annoying.
View 1 Replies
View Related
