* D G Teed <donald.t...@gmail.com>: > Today a user's account was compromised (likely phished) and their > credentials used to send email over our main outbound SMTP > with TLS and SASL auth. > > When we learned of it, the PAM smtp configuration was set up to > block the user account authenticating and the account was soon disabled. > > In the meantime, thousands of spam had gone out, as it happened > before we get to work.
Well, that happens to us as well. > Are there any suggestions on how to tune postfix to limit the spam > throughput? > There are also legitimate users who have bulk email to send, so > limiting by recipient quantity (as we do on our webmail) wouldn't be > desirable. You probably need a policy server which limits the sender to a certain amount of mails per time unit. If that limit is being exceeded, you could either tempfail the mails until some human admin lifts the ban OR put the mails on hold. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
