Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: mouss (moussnetoyen.net)
Date: Tue Dec 16 2008 - 13:29:20 CST
David Koski a écrit :
> An ISP that I do work for recently had an acocunt on their CommuniGatePro
> server hijacked by a spammer. Of course this got them on the blacklist of
> AOL, Yahoo and others. There are three inbound Postfix relay servers for
> blacklisting that are in front of three Barracuda spam filters. I am trying
> to come up with a way to use the inbound Postfix relay servers for
> controlling outbound email. Is there a way to limit email from a single
> sender per day or per hour with Postfix used as a relay?
you can use the throttle functionality of policyd (v1):
(there's a V2, rewritten in perl, but I never tried it, so I can't tell
alternatively, you can have a script that parses logs and populates an
access map. This requires work but will be more flexible as you can mix
multiple heuristics to detect abuse. It also doesn't interfere with the
> How effective would
> Postfix/Amavis/Clam/Spamassassin be for stopping abuse?
- clamav would be good if you have enough resources. you can use it from
amavisd-new or from clamsmtpd (less flexible, but it's less expensive).
you can add non official signatures (sanesecurity, msrbl) to detect more
- spamassassin, besides being expensive, is developped for inbound mail
(this is actually true for most content filters). if you use it, you'll
need to disable such checks. for example:
- Bayes (this is hard to use in an ISP environment, be that for inbound
or outbound). Bayes is unusable without correct training.
- most DNSBL checks
- You can use URIBL/SURBL via a milter: