On Mon, Nov 23, 2009 at 4:30 PM, Simon Mbuthia
<simon.mbuthia@gmail.com> wrote:
Shukran guys,
Will keep you posted on the progress... and by the way, does it mean that I should scan my mail server for malware? Coz my ISP says that a machine on my LAN is spamming. Should I run a virus scan as well [using a different tool coz KAV says it's as clean as a whistle]?
From my imagination of your network (since you did not detail that) I can say the problem can even be elsewhere, not necessarily on Mdaemon. Suppose hosts on your network are directly connected to the Internet, they can have spamming engines installed on them that can lead to such complaints. It's pretty easy to see if MDaemon is spamming (let's stick to that term) by simply looking at its session logs. Pretty simple, and you can view those in realtime. If you don't know how to do this, then you should reconsider running MDaemon, seriously. Outsource that function.
Did the ISP techie tell you which host is spamming? If the spam is going through their mail server, they should be able to tell you which IP that traffic is emanating from. If it's your gateway IP, then you have more work to do, because then, you have to pin down the host doing this by logging and analyzing traffic on the gateway machine. It would be easy it it was a Unix box....
Anyway, for me, you only triggered more questions. Give us an overview of how the network is configured for further help.
If spam is going through Mdaemon, then view the SMTP sessions of Mdaemon. You should be able to see what is going on if you have configured the logging options properly (setup -> miscellaneous options -> composite log window contains: enable as much as you want on that) by viewing the SMTP sessions.