Dear list, i subscribed today to list and the welcome instruction really does not contain the preferred posting address. In fact i was not sure that the message would make its way the the list.
Coming back to real issue, i have already initiated password policy control. But i feel its not impossible for the enduser to somehow leak the password, passwords are commonly remembered by muas and possibility of virus and malware sniffing out the passwords from end user can also not be ruled out. Hence some sort of traffic control at the server level even with authenticated clients left to be desired. does it exists ? I am new to postfix. In my server the spammer was able to quickly pump 1 million messages using the compromised account. Regds mallah. Sent from my Nokia e7 phone x-----Original Message----- From: Evan Platt Sent: 24/04/2011, 8:04 AM To: Daniel Bromberg Cc: postfix-users@postfix.org Subject: Re: need help for controlling authenticated realy On Sat, Apr 23, 2011 at 7:17 PM, Daniel Bromberg <dan...@basezen.com> wrote: > Can you stop sending to postfix-us...@cloud9.net? It's messing up my filter > and will probably mess up lots of other automated filters as well. Use > postfix-users@postfix.org. Sorry - I did a reply all to the e-mail. You should be filtering on another header :) > As far as controlling the situation you describe, I'm a bit mystified that > common sense damage control techniques are not being used, such as > immediately changing all passwords to something difficult and random, then > notifying your clients that have a legitimate relationship with you. If > legit clients get a failure they'll call/e-mail your help infrastructure. > > Also, is this a shared password for multiple clients? Definitely a big > weakness if so. I'll let the OP answer that question :)
