Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




Linux Systems Admin
1048 posts

Uber Geek
+1 received by user: 195

Trusted
Integrity Tech Solutions
Subscriber

Topic # 248336 20-Mar-2019 13:52
Send private message quote this post

What systems are people using to detect and track down spamming accounts (usually compromised) on a multi-user mail server?





Integrity Tech Solutions @ Norsewood, New Zealand


Create new topic
570 posts

Ultimate Geek
+1 received by user: 63

Trusted
Internet by Design

  Reply # 2202514 20-Mar-2019 17:57
One person supports this post
Send private message quote this post

Generally, I'd do this with outbound spam filtering. Use the reporting functionality to get counts of spam per user. You might even be able to alert if the rate goes above a certain number.





Ask me about Web Servers, Wordpress and the internet in general.

 

 

 

Internet by Design


472 posts

Ultimate Geek
+1 received by user: 145
Inactive user


  Reply # 2202863 21-Mar-2019 14:16
Send private message quote this post

This the difference between an simple anti-spam service and a complete Email Security service. Vendors like Barracude, Fortinet, and Sonicwall do some very good solutions, not to pricey and cloud based.


 
 
 
 


770 posts

Ultimate Geek
+1 received by user: 326

Subscriber

  Reply # 2202864 21-Mar-2019 14:23
Send private message quote this post

MichaelNZ:

 

What systems are people using to detect and track down spamming accounts (usually compromised) on a multi-user mail server?

 

 

 

 

Um, make the accounts not compromised?

 

Probably difficult to help without knowing more. Are you running an ISP or is this a corporate mail server on the LAN? Are we talking SMTP?

 

I really think if you are relying on a spam filter for OUTBOUND mail, then you might want to re-architect how you are doing things.

 

 








570 posts

Ultimate Geek
+1 received by user: 63

Trusted
Internet by Design

  Reply # 2202867 21-Mar-2019 14:34
One person supports this post
Send private message quote this post

gbwelly:

 

I really think if you are relying on a spam filter for OUTBOUND mail, then you might want to re-architect how you are doing things.

 

 

 

 

I'd be really interested to hear how to architect things for user-controlled mailboxes that will stop spam without filtering.

 

The host/owner of the IPs has a vested interest in stopping spam from going out from their IPs.

 

Selling mailboxes, shared hosting, servers etc means you give that control over to the users. Outbound spam filtering is a necessity in these cases as you can write all the terms of service you like, but you can send hundreds of thousands of emails in a few hours if you're not filtering somehow.





Ask me about Web Servers, Wordpress and the internet in general.

 

 

 

Internet by Design


472 posts

Ultimate Geek
+1 received by user: 145
Inactive user


  Reply # 2202869 21-Mar-2019 14:37
Send private message quote this post

gbwelly:

 

MichaelNZ:

 

What systems are people using to detect and track down spamming accounts (usually compromised) on a multi-user mail server?

 

 

 

 

Um, make the accounts not compromised?

 

Probably difficult to help without knowing more. Are you running an ISP or is this a corporate mail server on the LAN? Are we talking SMTP?

 

I really think if you are relying on a spam filter for OUTBOUND mail, then you might want to re-architect how you are doing things.

 

 

 

 

Outbound antispam solutions are quite common (along with other features such as DLP, routing rules, encryption etc).

 

 


40 posts

Geek
+1 received by user: 10


  Reply # 2202924 21-Mar-2019 17:51
One person supports this post
Send private message quote this post

ELK Stack, love it

 

 

 

https://www.elastic.co/elk-stack


770 posts

Ultimate Geek
+1 received by user: 326

Subscriber

  Reply # 2203207 22-Mar-2019 07:10
Send private message quote this post

danielfaulknor:

 

Selling mailboxes, shared hosting, servers etc means you give that control over to the users.

 

 

That is why I asked if he's running an ISP. Corporate network it's quite easy to prevent this with only a sick with a nail in it or a HR lady.

 

 

 

 










Linux Systems Admin
1048 posts

Uber Geek
+1 received by user: 195

Trusted
Integrity Tech Solutions
Subscriber

  Reply # 2203234 22-Mar-2019 09:18
Send private message quote this post

Thanks for the responses.

 

This is for a customer who has a mail server which services lots of subscribers.

 

Their current method of looking for the source of problems is like needle in a haystack.





Integrity Tech Solutions @ Norsewood, New Zealand


Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

NZ and France seek to end use of social media for acts of terrorism
Posted 24-Apr-2019 12:13


Intel introduces the 9th Gen Intel Core mobile processors
Posted 24-Apr-2019 12:03


Spark partners with OPPO to bring new AX5s smartphone to New Zealand
Posted 24-Apr-2019 09:54


Orcon announces new always-on internet service for Small Business
Posted 18-Apr-2019 10:19


Spark Sport prices for Rugby World Cup 2019 announced
Posted 16-Apr-2019 07:58


2degrees launches new unlimited mobile plan
Posted 15-Apr-2019 09:35


Redgate brings together major industry speakers for SQL in the City Summits
Posted 13-Apr-2019 12:35


Exported honey authenticated on Blockchain
Posted 10-Apr-2019 21:19


HPE and Nutanix partner to deliver hybrid cloud as a service
Posted 10-Apr-2019 21:12


Southern Cross and ASN sign contract for Southern Cross NEXT
Posted 10-Apr-2019 21:09


Data security top New Zealand consumer priority when choosing a bank
Posted 10-Apr-2019 21:07


Samsung announces first 8K screens to hit New Zealand
Posted 10-Apr-2019 21:03


New cyber-protection and insurance product for businesses launched in APAC
Posted 10-Apr-2019 20:59


Kiwis ensure streaming is never interrupted by opting for uncapped broadband plans
Posted 7-Apr-2019 09:05


DHL Express introduces new MyDHL+ online portal to make shipping easier
Posted 7-Apr-2019 08:51



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.