Hi, we are trying to mitigate the impact of having infected users, brute force hacked webmail accounts etc. sending (large amounts of) outbound spam.
The best idea we've come up with so far is to perform outbound spam filtering following these rules (it's a bit more complicated than this, but this is the big picture):

- Spam scoring (SpamAssassin). If spam:
  - Put the mail on hold
  - Add an iptables rule rejecting the IP
  - Notify postmaster/abuse

This is relatively easy to accomplish technically. However I would like some input on what methods people out there use to combat/minimize outbound spam. Also, if anyone out there has implemented something similar (or not similar :) ) to what's described above, I'd love to hear about it.

Thanks!

-- 
Vegard Svanberg <veg...@svanberg.no> [*tak...@irc (EFnet)]
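The hold / block / notify rules described above, sketched as an added example that is not part of the original post: it reads SpamAssassin's `X-Spam-Status` header and plans the three steps without executing them. The function names, the `NEVER_BLOCK` list (shared relays such as a webmail front end, where a hijacked account submits from the server's own address), the sample addresses and the choice of the mail server's `INPUT` chain are all assumptions.

```python
import ipaddress
import re
from email import message_from_string

# Assumption: hosts that relay for many users (e.g. the webmail front end);
# blocking them would cut off every user, so they are only held and reported.
NEVER_BLOCK = [ipaddress.ip_network("192.0.2.10/32")]  # constructed address

STATUS_RE = re.compile(r"^(Yes|No),\s*score=(-?\d+(?:\.\d+)?)\s+required=(-?\d+(?:\.\d+)?)")

def spam_verdict(raw_message):
    """Return (is_spam, score) from SpamAssassin's X-Spam-Status header."""
    status = message_from_string(raw_message).get("X-Spam-Status", "")
    m = STATUS_RE.match(" ".join(status.split()))  # unfold continuation lines
    if not m:
        return False, None  # unscored mail: not treated as spam here
    return m.group(1) == "Yes", float(m.group(2))

def plan_actions(raw_message, client_ip):
    """Map one scored outbound message to the hold / block / notify steps."""
    is_spam, score = spam_verdict(raw_message)
    if not is_spam:
        return [("deliver",)]
    actions = [("hold",)]
    ip = ipaddress.ip_address(client_ip)  # raises ValueError on junk input
    if not any(ip in net for net in NEVER_BLOCK):
        tool = "ip6tables" if ip.version == 6 else "iptables"
        # argv list, never a shell string, so the address cannot inject options
        actions.append(("block", [tool, "-I", "INPUT", "-s", str(ip), "-j", "REJECT"]))
    actions.append(("notify", f"outbound spam from {ip}, score {score}"))
    return actions

# Constructed sample message, tagged the way SpamAssassin tags mail
SAMPLE = (
    "From: user@example.org\n"
    "To: recipient@example.net\n"
    "X-Spam-Status: Yes, score=12.4 required=5.0 tests=BAYES_99,URIBL_BLACK\n"
    "\tautolearn=no\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    for step in plan_actions(SAMPLE, "198.51.100.7"):
        print(step)
```
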