On Sun, May 16, 2004 at 09:19:51PM -0500, John Jolet wrote: > We, in fact, have smtp outbound blocked for ALL but our mail servers, for > that very reason. With the notable exception of our network monitoring box > and the 3 or 4 outbound smtp servers, nothing can send mail out without > passing through a gateway.....now if I could only convince them to let us > run clam on the gateway....
We use transparent proxy on our edge router to redirect port 25 back onto our Qmail-Scanner servers. The advantage of this is that we can then use the logging to trigger alerts when an *internal* address is responsible for the virus. i.e. we alert on locally-generated viruses, but just ignore (for alerts) Internet-generated viruses. -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
