How to find out which desktop is being used to send spam
We are being blacklisted and our mail is getting rejected. Changing our outgoing ip gets the mail flowing again but after a while we get blacklisted again. Spam must be going out fron our location to cause this action. I installed wireshark to monitor the network traffic and capture packets. Is this the right software to use and what do I look for in the captured file?
Another way to help would be to create a rule that only allows smtp outbound from IP XXX where XXX is your mail server