The email system we use for our non-corporate employees has been blacklisted by FortiGuard, so some emails are not going through to DOMAIN.COM. It states that we have been flagged as sending spam in the last 30 days. I have found a window of 5 days where we have gone from being able to send mail to DOMAIN.COM to getting the blacklist error. I need help with two things:
1. What exactly to look for in the SMTP logs that would signal me that we have an infected PC sending SPAM out that server or something so I can try to find the source.
2. Any way to search the logs as they are around 100k lines each. I really don't want to try and read through several 100k lines of plain text line-by-line.
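
One way to approach both points, as an added example that is not part of the original post: rather than reading the log line by line, aggregate it per submitting client and look for hosts with unusually many messages, many different sender addresses, or a high share of bounced/deferred deliveries. The post does not name the mail server, so the Postfix-style log format, the regexes, the sample lines and the thresholds below are all assumptions to adapt.

```python
import re
from collections import defaultdict

# Constructed sample in Postfix syslog style (assumed format, not from the post).
SAMPLE_LOG = """\
Jan 10 02:14:01 mx postfix/smtpd[311]: A1F0: client=pc-17[10.0.0.17]
Jan 10 02:14:01 mx postfix/qmgr[90]: A1F0: from=<kate@example.org>, size=900, nrcpt=1 (queue active)
Jan 10 02:14:02 mx postfix/smtp[400]: A1F0: to=<u1@example.net>, relay=mx.example.net[192.0.2.1]:25, dsn=5.1.1, status=bounced (unknown user)
Jan 10 02:14:03 mx postfix/smtpd[311]: A1F1: client=pc-17[10.0.0.17]
Jan 10 02:14:03 mx postfix/qmgr[90]: A1F1: from=<deals@example.org>, size=910, nrcpt=1 (queue active)
Jan 10 02:14:04 mx postfix/smtp[400]: A1F1: to=<u2@example.net>, relay=mx.example.net[192.0.2.1]:25, dsn=5.7.1, status=bounced (blocked)
Jan 10 02:14:05 mx postfix/smtpd[311]: A1F2: client=pc-17[10.0.0.17]
Jan 10 02:14:05 mx postfix/qmgr[90]: A1F2: from=<promo@example.org>, size=905, nrcpt=1 (queue active)
Jan 10 02:14:06 mx postfix/smtp[400]: A1F2: to=<u3@example.net>, relay=mx.example.net[192.0.2.1]:25, dsn=2.0.0, status=sent (250 ok)
Jan 10 09:30:00 mx postfix/smtpd[312]: B200: client=pc-05[10.0.0.5]
Jan 10 09:30:00 mx postfix/qmgr[90]: B200: from=<bob@example.org>, size=4000, nrcpt=1 (queue active)
Jan 10 09:30:01 mx postfix/smtp[401]: B200: to=<ann@example.net>, relay=mx.example.net[192.0.2.1]:25, dsn=2.0.0, status=sent (250 ok)
"""
CLIENT = re.compile(r": ([0-9A-F]+): client=\S*\[([^\]]+)\]")
SENDER = re.compile(r": ([0-9A-F]+): from=<([^>]*)>")
RCPT = re.compile(r": ([0-9A-F]+): to=<([^>]*)>.*status=(\w+)")

def summarize(lines):
    """Group per-message log lines by the client IP that submitted them."""
    owner = {}  # queue ID -> client IP
    stats = defaultdict(lambda: {"msgs": 0, "senders": set(), "deliveries": 0, "failed": 0})
    for line in lines:
        if m := CLIENT.search(line):
            owner[m[1]] = m[2]
            stats[m[2]]["msgs"] += 1
        elif (m := SENDER.search(line)) and m[1] in owner:
            stats[owner[m[1]]]["senders"].add(m[2].lower())
        elif (m := RCPT.search(line)) and m[1] in owner:
            s = stats[owner[m[1]]]
            s["deliveries"] += 1
            s["failed"] += m[3] != "sent"  # bounced/deferred count as failures
    return stats

def suspects(stats, min_msgs=3, min_senders=2, min_fail_ratio=0.5):
    """Thresholds are illustrative assumptions; tune them to normal traffic."""
    out = []
    for ip, s in stats.items():
        ratio = s["failed"] / max(s["deliveries"], 1)
        if s["msgs"] >= min_msgs and (len(s["senders"]) >= min_senders or ratio >= min_fail_ratio):
            out.append((ip, s["msgs"], len(s["senders"]), round(ratio, 2)))
    return sorted(out, key=lambda r: r[1], reverse=True)

if __name__ == "__main__":
    for row in suspects(summarize(SAMPLE_LOG.splitlines())):
        print(row)
```

`summarize` accepts any iterable of lines, so an open file object can be passed directly and a 100k-line log is processed in one streaming pass.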