Page 1 of 1
How can I view what is being blocked
Posted: 15 Nov 2015 14:30
by BigBadLambo
I am using this for business and if legitimate emails are being blocked it could cost some serious money. How can I see what is being allow through and what is being blocked? Sorry I don't have much Linux knowledge. I have implemented, a new firewall, a new load balancer, this EFA, and 2 new Exchange servers in a cluster, so I have a bunch of new moving parts.
Re: How can I view what is being blocked
Posted: 15 Nov 2015 16:14
by shawniverson
Two places.
1) EFA Web Interface
http://address_of_your_efa
or
https://address_of_your_efa
if https is enabled
2) /var/log/maillog
postfix logging information is also here, in case something gets blocked at the MTA level.
If you are concerned about legitimate emails being blocked, I recommend the following:
1) Disable greylisting (some legitimate sites don't have good MTA behavior and won't resend emails like they are supposed to do)
2) Don't rely too much on the MTA layer (postfix) to block mail. Anything blocked at the MTA does not get logged in MailWatch because it never makes it to MailScanner. You may want to review /etc/postfix/main.cf and look over the settings.
Re: How can I view what is being blocked
Posted: 15 Nov 2015 16:33
by BigBadLambo
Perfect. THANKS!!!!!