On Fri, May 03, 2013 at 12:07:56PM -0500, l...@airstreamcomm.net wrote:
> Very nice, we tend to see the same behavior in our compromised SASL
> users so this will come in handy. Thanks!
It best to not let compromised accounts dominate the queue in first
place. Consider a policy service that rate limits by SASL username.
> To keep the sharing train rolling, I attached a queue monitoring
> script which we use with our SNMP monitoring system to alert when
> the mail queue exceeds a certain number of messages.
Have you looked at:
http://www.postfix.org/QSHAPE_README.html
By the way, the attachment was all NUL bytes.
--
Viktor.
