Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Monitoring Connections to Spam Filter ISP remotely
  FAQ FAQ  Forum Search   Register Register  Login Login

Monitoring Connections to Spam Filter ISP remotely

 Post Reply Post Reply
Author
bstroba View Drop Down
Newbie
Newbie
Avatar

Joined: 26 June 2009
Location: 805
Status: Offline
Points: 1
Post Options Post Options   Thanks (0) Thanks(0)   Quote bstroba Quote  Post ReplyReply Direct Link To This Post Topic: Monitoring Connections to Spam Filter ISP remotely
    Posted: 26 June 2009 at 3:31pm
Hello Everyone,
 
I wanted to ask a general question to see if anyone has done this yet.
We use this Spam Guard ISP software on 2 servers that function as our spam filter solution.
I need to be able to monitor the service remotely for the Spam Gaurd ISP, and remotely monitor the connections that it handles.
 
Too many time s have we been hit with DOS attackts and I have to log in and fix the issue.
Can the connections be monitored with an SNMP Trap?
 
Thank-you
Ben
Back to Top
yapadu View Drop Down
Senior Member
Senior Member


Joined: 12 May 2005
Status: Offline
Points: 297
Post Options Post Options   Thanks (0) Thanks(0)   Quote yapadu Quote  Post ReplyReply Direct Link To This Post Posted: 27 June 2009 at 1:26am
I don't think there is a way to get any stats via remote, never seen it documented anyway.

I am interested in the denial of service aspect of your post however. What do you do when you are under attack?

I wonder if Roberto has any suggestion of software for Windows that can assist in preventing a DDOS type of attack against Windows/SF in general.
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4104
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 27 June 2009 at 10:18am
The connections cannot be readily monitored remotely. The activity logfile can be parsed by 3rd party tools to provide reports, but this capability is not present out-of-the-box.

Please do note however that SpamFilter has built-in failsafes to prevent DDOS attacks. The "blacklist IP cache" filter will drop any TCP connections from IPs that have attempted to send more than a certain amount of spam emails (3 by default) in a certain timeframe (10 minutes by default) will be automatically blocked for some time (60 minutes by default). All these values can be customized. This feature greatly reduces the DDOS risk.
In addition, implementing the greylist filter (which is disabled by default however as it introduces a small email delay during the first few hours after it has been enabled) will also drop TCP connections for all IPs that attempt to send emails to SpamFilter, until they have successfully retried after a few minutes.
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.258 seconds.