Jason Haar wrote: > Jesse Guardiani said: >> 1.) Find the actual quarantined virus email >> 2.) Find the IP address (TCPREMOTEIP) this message came in from? > > You don't. That information is not contained within the syslog record.
Why not? I think it's useful to log the TCPREMOTEHOST and TCPREMOTEIP. That way you can be 100% sure that a virus is coming from a computer on your local network, and that it's not forged. -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
