> I have a user that I suspect is spamming using one of those new
> stealth spamming programs so he can bypass our mail server (and the
> logs). I have only received one complaint, but I want to nip this in
> the bud ASAP. Anyhow, what I want to do is assign a filter to him via
> RADIUS so that when he sends to port 25 it gets logged but all traffic
> to/from him still works normally. I'm pretty sure this is easy to do,
> but I'd like to put it in place ASAP which is why I'm asking here (as
> I'm reading the manual in Acrobat in another window).
Sure, just create a permit rule for tcp port 25 (SMTP) that has the log
keyword appended to it. Something like:
add filter getspammer.in
set filter getspammer.in 1 permit 0.0.0.0/0 0.0.0.0/0 tcp dst eq 25
set filter getspammer.in 2 permit
Then apply the filter to the user in RADIUS with Framed-Filter-Id.
-jr
----
Josh Richards - <jrichard@livingston.com> - <josh@lucent.com>
[Beta Engineer] - LUCENT Technologies - Remote Access Business Unit
<URL:http://www.livingston.com/> * <URL:http://www.lucent.com/dns/>
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>