From: Adi Linden (adiladis.on.ca)
Date: Mon Nov 07 2005 - 09:33:14 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> You probably want a policy service for this. Anvil addresses run-away
> programs that may saturate queues, not fine-grained per-user rate limiting.

Is there anywhere a bit of a how-to for anvil? Unless there is a better
solution that integrates into postfix I'd like to gove it a try. Just had
a infected client PC queue 80,000 SPAM emails. As far as I can tell about
50% were still left in the queue...

To explain the situation, we run a fairly large network. SPAM originating
from compromised end user PCs is a substantial problem. We are now no
longer permitting residential users to use port 25 leaving their local
network. Exceptions are some well used local mail servers. Our mail system
relies on SMTP AUTH to relay mail. There have been very few problems with
abuse. But by blocking port 25 we now need to offer people on our network
but using outside mail a means to send email via smtp without account on
our mail system. So I setup a postfix instance that is open to all of our
ip space for relaying. That took only hours to be abused.

So I am looking for a way to heavily throotle the numbers of email a
client can move through this postfix instance. This won't eliminate SPAM
originating from this but hopefully greatly slow it to a few messages
rather then thousands.

Adi

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]