You aren't looking to use Authenticating, TLS, POP before Auth, or that
like to stop RELAYING, what you want to do is to catch accounts that are
SPAMMING (on purpose or infected?)
Something like a postfix policy server might help.
-----Original Message-----
From: Mike Kenny [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 27, 2006 6:11 AM
To: users@spamassassin.apache.org
Subject: mapping dynamic IPs to specific accounts
A client of mine provides an email service to a number of mobile
users. This leave my client open to abuse as addresses are assigned
dynamically and blocking specific users is difficult. We have set up an
internal, private DNS which we update with the authentication details of
the user and the IP assigned to him/her at that time. We now want to
configure postfix/spamassassin to query this DNS and return the
authentication details. This will allow us to blacklist the abusive
users until they re-register (at a cost) and should help us fight the
proliferation of spam.
How best can this be done? It is not enough that the IP is in
the DNS, we expect it to be and we don not want to blacklist based on
the IP. We actually need to get the authentication details back and look
these up in a blacklist. So how do we configure postfix or spamassassin
to look up one DNS and pass the returned value to a second DNS or hash
or whatever to return the final judgement?
Thanks,
mike
