Am 18.04.2015 um 20:50 schrieb Viktor Dukhovni: > On Sat, Apr 18, 2015 at 06:16:56PM +0000, Chuck Peters wrote: > >> I'm researching migrating some Exim servers to Postfix and would like to >> implement automatic blocking of compromised and spammers' accounts with >> notifications to staff. Any suggestions? >> >> On the Exim user list today someone suggested >> https://github.com/Exim/exim/wiki/BlockCracking. >> > > With Postfix you would generally use a policy service to detect > anomalous outbound mail from potentially compromised accounts. > > What constitutes anomalous outbound mail is then up to the policy > service. Various policy services are in use for this purpose. > > A policy service might even connect to a loopback Postfix SMTP > service port that is configured to use "recipient verification" to > check for non-existent addresses (and caches positive/negative > results) (make sure that SMTP service is not configured to also > use the same policy service). > > Most users seem to get adequate results with just volume limits. > > If at all possible, generate strong random passwords for submission > users, these are not passwords users type in very often. The MUA > will store the password, so there's no reason to have a "memorable" > one. This also avoids passwords that are used at multiple sites > and get compromised when those sites get breached. >
have a look at https://github.com/croessner/vrfydmn/ Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
