you will need to so lots of custom code.
First, you will need a database of abusesive users (why not just suspend
their account. PERIOD, they violate your TOS, they violate the can-spam
act, CAN them!??)
Second, you need a real-time database of ip-> current user.
third, create a policy server that matched current ip (user) to past
abusive user and deny them email access (better to just CAN them, don't
let them back on)
-----Original Message-----
From: Mike Kenny [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 27, 2006 6:50 AM
To: Michael Scheidell
Cc: users@spamassassin.apache.org
Subject: Re: mapping dynamic IPs to specific accounts
Sort of. Our problem is not identifying the sending of spam
(well that is not our only problem) but recognizing a user as a past
spammer and denying them access to our smtp servers. The only ID we have
for those users is the IP that was assigned to them by the data network.
Since this is dynamic we cannot block access based on this alone, so we
want tp map that IP back to an identity string that identifies the user
unambiguously.
mike
On 12/27/06, Michael Scheidell <[EMAIL PROTECTED]> wrote:
You aren't looking to use Authenticating, TLS, POP
before Auth, or that like to stop RELAYING, what you want to do is to
catch accounts that are SPAMMING (on purpose or infected?)
Something like a postfix policy server might help.
-----Original Message-----
From: Mike Kenny [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 27, 2006 6:11 AM
To: users@spamassassin.apache.org
Subject: mapping dynamic IPs to specific
accounts
A client of mine provides an email service to a
number of mobile users. This leave my client open to abuse as addresses
are assigned dynamically and blocking specific users is difficult. We
have set up an internal, private DNS which we update with the
authentication details of the user and the IP assigned to him/her at
that time. We now want to configure postfix/spamassassin to query this
DNS and return the authentication details. This will allow us to
blacklist the abusive users until they re-register (at a cost) and
should help us fight the proliferation of spam.
How best can this be done? It is not enough that
the IP is in the DNS, we expect it to be and we don not want to
blacklist based on the IP. We actually need to get the authentication
details back and look these up in a blacklist. So how do we configure
postfix or spamassassin to look up one DNS and pass the returned value
to a second DNS or hash or whatever to return the final judgement?
Thanks,
mike
