Saturday, 16 August 2008

The BlackList

Wow!! It's been ten days already and not a posting; that's not encouraging and unlike me. I promised at least one post a week.

The last couple of days were not really so spectacular. I was able to find the solution to the high response time we were having on the WAN. Like I said, it was caused by spammers connecting through our firewall to the mailserver and using the mailserver for spamming.

I tackled this problem by first copying out all the unknown IP addresses connecting through the firewall and blocking them from the Traffic Policy tab under configuration settings. I just denied everything from these IP addresses. I applied the recently changed settings, and then restarted Kerio WinRoute. I noticed that other unknown IP addresses were still connecting to the firewall. I concluded that since these spammers were targeting the mailserver, the best place to block them would be from Kerio MailServer.

I logged into Kerio MailServer and went to the blacklist, which is under the spam filter under the content filter tab. There, I added these IP addresses to the blacklist, and restarted the mailserver and the firewall. I still didn't see any major change. I did a Google search on blocklists and various kinds of lists to keep spamming IP addresses out of a network. I got some good blacklists that were not included in the default configuration of Kerio MailServer, and I added them. Well, I restarted the firewall and mailserver after these configuration changes, and I noticed that things seemed much better.

For now everything is running fine, mails are going out and coming in as expected, and HTTP traffic from within the LAN is also much better. The response time is now as expected, and I do not have to stop and restart the firewall for new users connecting to the LAN to be able to go online. I just have a fear that the blacklist I added to the list might be a little too restrictive and will probably block some genuine emails from coming in.

Well, I'll wait and see if there are any complaints from users, and I'll keep you posted.
