Right now, our organization's firewall blocks all outgoing
connections to port 25 except directly from the mail server. Our
mail server supports authenticated relaying and SMTP-SSL on port 465
so this is not a problem in 99.9% of the cases. The majority of port
25 outgoing traffic not coming from our mailserver then is an
occassional laptop infected with a virus. Blocking port 25 prevents
the virus from spreading. However, it also means the occassional
visitor is not able to connect back to their ISP's SMTP server if the
ISP doesn't support something like SMTP-SSL (465) or port 587 sending
(which every ISP worth a hoot should do IMHO).
What I'd like to do is configure a transparent SMTP proxy on port 25
of the firewall that send the outgoing message through ClamAV,
allowing only clean messages to pass. User's wouldn't notice
anything when they send out messages via port 25 but viruses would
not get out (and admin notification of the offending IP wouldn't be
hard either). Is anyone aware of a SMTP proxy that is capable of
this? I believe the transparent proxy part would be configurable
with Linux and IPTables. Any suggestions?
Jay
--
Jay Lee
Network / Systems Administrator
Information Technology Dept.
Philadelphia Biblical University
--
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
