Am 01.02.2012 03:03, schrieb list@...
> We run a small cluster of postfix servers that are dedicated outbound
> relayhosts for our customers. Beyond the outbound postfix cluster we have
> another cluster of mail filtering appliances that have served their purpose
> very well, but we are starting to get more compromised account due to
> phishing attempts and some of the spam is getting through the outbound
> filters due to the volume of new spam messages.
> I am looking for advice on how to limit our exposure to malicious senders
> that have access to a users credentials. One method we have zero
> experience in is using RBLs, which I am hoping to learn more about.
i wouldnt do it with rbl in this case, i see no sense in it
you may use clamav-milter with sanesecurity sigs and simply get hold mails
for human inspection, or use amavis etc
once find a hacked or compromised account, delete it ,or infom the user
etc, or build some reject access list for them ( perhaps you can call
this a local rbl )
outbound spam is a problem ever
MfG Robert Schetterer