On Tue, Oct 20, 2009 at 4:40 AM, Martin Schiøtz <mali...@gmail.com> wrote:
>>> Can I do any outgoing spam checks with postfix or I'm forced to
>>> install lots of Amavis, spamassassin, etc. software to do that job.
>>>
>>
>> I'm sorry to tell you that blocking outbound spam is at least harder
>> than blocking inbound spam.
>>
>> - you certainly need an anti-virus
>> - you "can" use spamassassin. but it's not enough. (note that "per
>> recipient Bayes" is of no use here).
>>
>> but you need to watch the behaviour of internal clients. you need to
>> detect abusive/abused clients. and to avoid problems, you want rate
>> limiting.
>
> I just want to do some simple checks and rate limit seems like a good
> idea and it can be performed by postfix.
Rate limiting would be done by adding the following to your main.cf:
smtpd_end_of_data_restrictions =
check_policy_service inet:{HOST}:{PORT}
Where a service is listening on HOST:PORT and can keep track of how
many messagesXrecipients a given _AUTHENTICATED_ user has sent over a
certain time period.
Listen to everyone else -- you also need to do deep content filtering,
otherwise your relays will be blocked by the Yahoo!s, Comcasts,
Hotmails, Outblazes, etc of the world.
Be sure that you're not running an open relay, that you're not sending
out spam/viruses (you will be! everyone's network leaks a bit) and
rate limiting will cause customer escalations, but helps with the
night-spammer scenario.
One other thing: if you decide to _not_ go with spam filtering,
announce your outbound IPs to this list so that we can all block you
:)
