hogwash might help. I havent used it in a fair while though. http://www.securityfocus.com/infocus/1208
On 13/04/07, Paolo Supino <[EMAIL PROTECTED]> wrote: > > Hi > > I have the following problem: I host a group of windows servers that > run a webapp using IIS6 ASP technology. The webapp was written and is > maintained by a small private company that develops custom webapps for > companies. One of the services the webapp does is send out emails > (nothing amazing until now). The problem is that the webapp isn't > written securely. The developers keep saying the webapp is secure and > isn't the problem. Bringing someone from the outside to prove them wrong > has failed thus far. Showing logs and showing network access also proved > futile. the webapp is (ab)used by spammers to relay spam emails which > caused the webapp's IP address to be added to various spam black lists > :-( I'm sure it's the ASP is the problem because only HTTP and HTTPS are > accessible on these servers. The website itself is hidden behind a > firewall and SMTP port isn't reachable. I'm in the process of replacing > the current firewall (Microtik's RouterOS, a Linux based OS) with > OpenBSD and I thought of using spamd to block outgoing spam emails. I've > started reading about spamd and usage scenarios, but thus far only found > spamd being used on incoming emails. Did anyone use spamd to block > outgoing spam emails? Is what I want to do possible (in combination PF)? > Other solutions will also be appreciated obviously based on OpenBSD :-) > > > > > > TIA > Paolo
