Jump to content

sarky

Members
  • Content Count

    6
  • Joined

  • Last visited

Everything posted by sarky

  1. Hi All, After doing a lot of research for Yonks and i have not seen a post which actually answers my question. I am an ISP with a /24 Address, in a country that is known to be SPAMAHOLIC , i am taking a satellite feed to serve my customer base with over 600 Clients. I have stuck up a firewall and i keep updating with ports that the latest Viruses are using so the unaware will not be able to harm or replicate on the Wide net. Proxy and Natting is something which is widely used on my side and definitely on a lot of other networks around the World. I am going to secure my Mailserver to make sure that it is not used to send spam out of it but i am still researching on the software to use Any points here will be well apreciated for mailserver <Sendmail> I keep receiving Email about IPa or IPb sending spam with the header files attached, after checking it out, all spam generating from my system is sent through FREE WEBMAIL, where a kid of 6 can have an email address. If my network is being used to access a http site and do the crime HOW can i or other admins out there be able to track those http queries. One solution i heard a couple of years ago from the IP Source (Main Feed), Said block all access to FREE MAIL <Funny One Mind>. The above solution is a dire solution and in if i end up blocking half of the list or the main ones, i would loose customers and i might as well close up shop. Major clients are cybercafe's and they know the fight we are going through but still it is not something which can lead to a 100% eradication. I would like to hear other admins out there on points about tackling this above issue. Thank you all Sarky
  2. sarky

    Why BlackList a Gateway?

    if i have to generalise it, it is said that over in Nigeria 80% use Yahoo for mail, so blocking Yahoo ain't a choice at the mo. All my machines are running Fedora, as for logs yeah i do have some good login system everything is loged in Radius accounting so that is not a problem to pull out the info if the IP is there, for now NATting the System makes it hard for one to pin point the exact person. I can pin point the Location of the entry and if i am not lucky and i had more than 1 user at that particular time using that AP then it is hard to be sure. The only thing i do not understand is the logic behind shutting down the Entry point and not the mailserver which actualy accepted it to be delivered. In a nutshell i think those big corporation need to do something about there mailserver or actualy check there outgoing mail for the Key words which spam now a days is based on. Thanks Sarky
  3. sarky

    Why BlackList a Gateway?

    You got it, I just want to do my business the best way i can, for example things which ar e in my hands putting up a firewall so no one can access external port 25 on other mail servers except my ISP mailserver. but the WebMail is not something we as ISP can do anything about but we get the HIT and yes it has originated from my IP but is there anything out there i can put on my network to see the traffic going out VIA http protocol and intercept? Also an example i thought about, if my Sendmail config is screwed and users outside my network can send mail out through my mailserver who is the initiator? Thanks again Sarky
  4. sarky

    Why BlackList a Gateway?

    The use of the Word Gateway was emphasising on the fact that my IP gets blocked instead of Yahoo get punnished for allowing spam to come through its WebMail system. With the lack of IPs i use a NATed network at the home end and it is hard to know which computer did it, because the Real IP is the one shown and nothing links them together. Also using a WebProxy on the network hides a lot of activities, in a WebMail more often you will see the IP of the webproxy and not where they are originating from. My problem is that someone on the network did something he should not do, that is agreed and for me to monitor anything called HTTP is not easy, so the middle point as i can see it, companies with free webmail should work on something to make sure it does not allow spam out of there network, i.e user types his spam clicks send, it should block. I hope the above makes sense. Sarky
  5. sarky

    Why BlackList a Gateway?

    Sorry guys i dont know what was wrong with me, i gave you guys the wrong ip well two digits were wrong instead of 81.56.151.0/24 it is 62.56.151.0/24. sorry once more for that it is a new set of IPs and i have not memorised them as of yet Sarky
  6. sarky

    Why BlackList a Gateway?

    Yeah sure my new IP range at the moment is 81.56.151.0/24, i have 3 complaints or more already generating from 3 or so IPS. Thanks Sarky
×