A solution I was going to implement was mailsnarf on GW1 but it does snat and mailsnarf still logs mails with the source ip of GW1. Any ideeas on how to overcome this ? (I think a comparison between "logged ip headers'" time and "virii found @ MAIL SERVER" time improper.)
iptables snat rule: SNAT all -- intif/24 anywhere to:extif _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
