Noel Jones <njones <at> megan.vbhcs.org> writes: > Your method of manually whitelisting any IP that happens to be > spamhaus listed doesn't scale very well. Every time some authorized > user travels somewhere, stops at a wifi hotspot, or their home IP > changes, will need to call you to get whitelisted before they can > send mail. This might be OK if you have only a handful of users and > neither you nor they mind a phone call every time they can't send mail. > > A more typical solution is to allow authorized users to send mail > from wherever they happen to be, and use rate limits on postfix via > postfwd or similar to alert you to a possibly compromised account. > > -- Noel Jones > >
Hi, thanks again for your advice. My use case is slightly different from the one you describe (ip change is not that frequent), so my restrictions should fit well. I'll be prepared to switch to your paradigm as the situation changes. Bye, Fabio
