On 10/4/2013 2:29 AM, nik600 wrote: > Virus, botnet and user's bad policies about password allows many 3rd party > entities to stole passwords, in the last month i've experienced a grows of > hacked users, and in some case many spam messages are sent from my servers > before i can block the user. > > I've tried many combination > > smtpd_client_message_rate_limit > smtpd_client_recipient_rate_limit > anvil_rate_time_unit > > config options but as the sender changes frequently the client, sending > from different locations, so the limits above has no effect and i can't > stop the spammer. > > Does exists any configuration to limit the # of sasl login from an user? > > It could be very useful, and cloud be also useful monitor many login of the > same sasl user from different ip. > > What do you thing about that?
Have you considered sending your users a monthly reminder explaining the dangers of phishing attacks, that no legit entity will ever ask for their login credentials, etc? Trying to address the problem with strictly technical means at the server is a losing endeavor. The problem begins on the users' end, and must be fixed on the users' end. You simply need to give users the tools and education to fix it, or in this case, avoid it. -- Stan
