lokesh.khanna@accelonafrica.com wrote:
> D & E Radel
>> lokesh.khanna@accelonafrica.com wrote:
>>> I am running transparent squid server on Redhat ES 3.0 box. I noticed
>>> some time some of my users establish http connection with some server on
>>> internet and send spam mail. Header of that mail always contain squid
>>> server IP address. Is there any way I can insert customer's PC ip
>>> address also which is actually sending that mail?
>> If that really is the case, how about blocking access to that "some
>> server" and cancelling your customer's account?
> Yes, But this will be ongoing process. I will rather prefer to find out
> who is doing this and remove him from my network.
Just use Squid's access.log - correlate the logs with the time the emails
were sent, and then you have the abuser's IP address.
Adam
Received on Fri Oct 28 2005 - 21:55:56 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:05 MST