Dear Gentle Folk,
What is the state of the art in dealing with users whose SASL password has been compromised? Running CentOS, and latest postfix. When a password gets compromised, spam starts to pour out of the server from endless numbers of IP's, to endless numbers of addresses. Rate limiting is interesting but doesn't really stop the spam. Counting client=[IP] addresses until a threshold is reached is highly effective, but then what? Change their password? Thanks in advance. Homer ------------------------------------------------------------------------ Homer Wilson Smith Clean Air, Clear Water, Art Matrix - Lightlink (607) 277-0959 A Green Earth, and Peace, Internet, Ithaca NY ho...@lightlink.com Is that too much to ask? http://www.lightlink.com
