I am using PFSense firewall in my office. I have a windows based mail server in LAN and all the systems in LAN send mails thru the mailserver(icewarp merak mail server). There is no spam problem.
But the moment I allow my branch office people to send/receive mails using my local mail server via my ISP allocated static IP ( this is configured in pfsense WAN), lots of spam/virus being relayed thru my mail server and I could see the same in my mail server Log. Since many roaming users/branch office people are connected to this mail server, how do I find out which remote client is compromised and sending this spams using my internal mail server as a relay host. Secondly is there any AV package for pfsense which can prevent smpt, pop, ftp, smb viruses apart from http ( I have installed clamAV) -guru
