On Sep 8, 2008, at 06:04, Jeremy Chadwick wrote:
On Mon, Sep 08, 2008 at 05:59:54AM -0700, David Southwell wrote:
On Monday 08 September 2008 05:19:51 Jeremy Chadwick wrote:
On Mon, Sep 08, 2008 at 05:10:27AM -0700, David Southwell wrote:
I have had a series of attacks on a system which resulted in a
hijack of
our mail system.
I believe I have now fixed the main problem but I need a tool
that will
reliably, and independently of the mail logs check my network for
all
outgoing mails and hold them up until I am certain that there all
loopholes have been closed.
Can anyone please let me have some recomendations on the best way
of
going about this
You might want to look at the clamav port. If there are examples of
the things you would be checking for, you can create your own
signatures for those and clamav will do the monitoring for you. You
can configure it to quarantine messages which have the signature for
manual review. It won't find anything new, it just does a better job
of finding things you have seen before.
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
