Michael J Wise put forth on 11/6/2010 9:53 AM: > But since RFG is taking a crash course in outflow filtering, I also would be > VERY interested in whatever suggestions the list membership might have about > ways to do it well. > > Currently, the service where I am employed uses automated processing of > Feedback Loops and statistical analysis of customer traffic patterns to raise > alarms, and *some* of those capabilities now seem mature enough to allow them > to disable a customer automatically, but personally I still prefer having a > human in the loop, but that's me. > > Please, I'd love to hear any suggestions.
I'm guessing your perspective is going to be different that most users on this list, who are, I'm guessing, not ISPs or service providers per se. Thus, I'm guessing the focus of most folks here in this regard is simply, to use a plumbing analogy, to open the faucet just enough to allow normal mail to flow freely, but cause a build up of runaway spam flow to drip out around the faucet, allowing the OP to see the small puddle and fix the leak. This addresses the typical phished credentials scenario which I think is what most here are probably concerned with. I gather that in your environment the goal is to punish the user who cranked open the knob on the faucet, instead of putting a lock on the thing in the first place, limiting how far it can be opened. Thus, the methods discussed here are probably going to be geared toward the former and not so much the latter. -- Stan
