On Fri, 13 Apr 2007, Paolo Supino wrote:
> The webapp does talk to a real mail server: on localhost (IIS6 SMTP
> service). When a spammer abuses the webapp the email is actually sent via
> the local mail server and not directly from the webapp to all the mail
> servers on the Internet. Rate limiting isn't an option because emails must be
> out the door within a very short time frame from the moment a set of events
> is triggered in the webapp.
You could:
1) Make them fix the code
2) Uninstall the IIS SMTP service and make them change the code to send
through a trusted host that can rate limit, filter, etc.
3) http://support.microsoft.com/kb/308161, see "smart host"
(2) and (3) would let you configure an MTA to filter this mess. The best
option is for them to fix their code AND use (2) or (3). It makes sense
to have untrusted applications send through the network's MTA(s) and to
put the machine behind pf blocking outgoing port 25. You don't want to
get blacklisted. Also, code that's letting this happen likely has many
other problems. I'd isolate it.
--
Kyle George
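As an added illustration of the "put the machine behind pf blocking outgoing port 25" advice (this fragment is not from the thread or from either poster), a pf.conf excerpt for the host running the webapp. The interface name and the relay address are assumptions; the intent is that the only SMTP the box can originate goes to the network's trusted MTA, which can rate limit and filter, while any other outbound port 25 attempt is logged and dropped.

```pf
# Added example, not from the original message. Interface and MTA address are assumed.
ext_if = "em0"               # assumed interface facing the rest of the network
trusted_mta = "192.0.2.25"   # assumed address of the network's filtering/rate-limiting MTA

# Let the webapp host reach only the trusted relay on port 25 ...
pass out quick on $ext_if proto tcp from ($ext_if) to $trusted_mta port 25 keep state

# ... and log and drop every other outbound SMTP connection, so an abused webapp
# (or anything else on this box) cannot deliver directly to Internet mail servers.
block out log quick on $ext_if proto tcp from any to any port 25
```

Because both rules carry `quick`, the first match wins: traffic to the relay passes, everything else on port 25 is blocked. Check the syntax with `pfctl -nf /etc/pf.conf` before loading it, and watch `pflog0` (for example with `tcpdump -n -e -ttt -i pflog0 port 25`) to see whether the webapp is still trying to go around the relay.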