On 4/23/2011 10:09 PM, Evan Platt wrote:
[snip]
On Sat, Apr 23, 2011 at 6:45 PM, Rajesh Kumar Mallah
<mallah.raj...@gmail.com> wrote:
Hi,
We allow relaying of email via our server to our clients using authentication.
The problem is that some miscreants have got hold of our clients password
and are using our email server to send SPAM after successfully authenticating.
Please tell how to control this situation.
I was thinking in lines of enforcing policies on even authenticated smtp clients
that are pumping SPAM . Eg restrict clients not to send more than 10 emails
per minute , etc.
Any help would be greatly appreciated.
Regds
Mallah.
Can you stop sending to postfix-us...@cloud9.net? It's messing up my
filter and will probably mess up lots of other automated filters as
well. Use postfix-users@postfix.org.
As far as controlling the situation you describe, I'm a bit mystified
that common sense damage control techniques are not being used, such as
immediately changing all passwords to something difficult and random,
then notifying your clients that have a legitimate relationship with
you. If legit clients get a failure they'll call/e-mail your help
infrastructure.
Also, is this a shared password for multiple clients? Definitely a big
weakness if so.
-Daniel
