CheckAuthLog: Difference between revisions
Line 5: | Line 5: | ||
==What could I use it for?== | ==What could I use it for?== | ||
If you are running a [http://www.postfix.org Postfix] or [http://www.exim.org Exim] email server, you can use this script to enhance security of your server. Stolen email credentials are now often used to send spam. A spam outflow from your email server could cause | If you are running a [http://www.postfix.org Postfix] or [http://www.exim.org Exim] email server, you can use this script to enhance security of your server. Stolen email credentials are now often used to send spam. A spam outflow from your email server could cause reputation problems particularly with large email providers and RBL users. While there are many other things you can do as a first line of defence, if you have a large or variegated group of users, you may not be able to avoid the risk of email credentials being stolen. | ||
CheckAuthLog is not designed to stop spam sending or avoid any fraudulent use of an email account. However it can help stop things before they go too far out of control. | CheckAuthLog is not designed to stop spam sending or avoid any fraudulent use of an email account. However it can help stop things before they go too far out of control. |
Revision as of 20:28, 19 June 2016
What is it?
CheckAuthLog is a security feature for email servers. It can check the log files for suspicious email sending behaviour which may be indicative of a compromised email account and block that account.
What could I use it for?
If you are running a Postfix or Exim email server, you can use this script to enhance security of your server. Stolen email credentials are now often used to send spam. A spam outflow from your email server could cause reputation problems particularly with large email providers and RBL users. While there are many other things you can do as a first line of defence, if you have a large or variegated group of users, you may not be able to avoid the risk of email credentials being stolen.
CheckAuthLog is not designed to stop spam sending or avoid any fraudulent use of an email account. However it can help stop things before they go too far out of control.
How do I get it?
The code for the project is available from this site
Previous versions are archived for historical reference but are no longer maintained and should not be used: CheckAuthLog previous versions
GPG signatures for the latest version is available here CheckAuthLog gpg signatures