On 5/10/2013 1:06 PM, Wietse Venema wrote: > Pol Hallen: >> Hi folks! >> >> I'm newbie and I study postfix >> >> What I should be use to (check) and block attempt spam from my lan to >> internet? > > Welcome (that's a funny email address BTW). Here are some suggestions > for software that is often used with Postfix: > > - Use a content filter, so that your clients cannot send out known > malware. http://www.ijs.si/software/amavisd/ > > - Use per-client rate limits, so that an infected client cannot > send too much mail. http://www.postfwd.org/
And the most effective countermeasure to spam originating from devices on the LAN has nothing to do with Postfix. As most spamware in the wild today still attempts to send direct-to-MX, simply creating a TCP 25 egress filter at your edge router/firewall will give the best bang for the buck. This simply means creating a rule to drop all outbound TCP 25 connections except those originating from the IP of your Postfix MTA. -- Stan
