Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Log outgoing SMTP traffic on a PIX 506e

I have a Cisco PIX 506e which I would like to log all outbound SMTP traffic down to internal IP address. I have a rogue spammer on my network which I would like to track down. I am not to familar with the CLI and prefer to work with the PDM if possible. I setup a Syslog server, but it seems to be capturing almost too much data and I dont see any SMTP traffic other than from my mail server. Here is my current config

2 REPLIES

Re: Log outgoing SMTP traffic on a PIX 506e

=========

if this is your setup then, you will only see packets from your mail server on port 25 in the PIX fw logs, which is not that helpful.

To track down the spammer in your network, you will have to check the logs from your MAIL/SMTP server.

You can also try opensource SPAM filters like spamassassin

http://spamassassin.apache.org/

New Member

Re: Log outgoing SMTP traffic on a PIX 506e

Well I am thinking someone on my network has a trojan which is spamming. The clients sit on the same LAN as my mail server

247
Views
0
Helpful
2
Replies