Loading ...
Sorry, an error occurred while loading the content.

Re: Limit sent email to prevent spam

Expand Messages
  • Reindl Harald
    ... anvil_rate_time_unit = 1800s smtpd_client_connection_rate_limit = 50 but this restricts only connections/ip and does not help if userdata
    Message 1 of 7 , Jul 1, 2011
    • 0 Attachment
      Am 01.07.2011 12:56, schrieb Antonio Tommasi:
      > Hi to all,
      > i describe my scenarious and i'd like any suggest to resolve/limit the problem.
      >
      > Some user, in my University, reply to phishing email and give username and password
      > of your email account; then the malicious send spam email up to we block account,
      > but our server often will list in blacklist.
      >
      > There is a way to limit this problem? If i enable smtp-auth can i limit sent email in timestamp?
      > Any other suggestion?

      anvil_rate_time_unit = 1800s
      smtpd_client_connection_rate_limit = 50

      but this restricts only connections/ip and does not help
      if userdata form poor idiots are distrributed worldwide

      normally everybody who is offering userdata to foreigners should be tarred and feathered
      as also the individuals buying some crap after receiving spam mails since they are the
      only reason sending millions mails every hour is a working business
    • Robert Schetterer
      ... as quick workaround you could use clamav-milter with sanesecurity antipishing sigs, that should help with known wide spreaded spam -- Best Regards MfG
      Message 2 of 7 , Jul 1, 2011
      • 0 Attachment
        Am 01.07.2011 12:56, schrieb Antonio Tommasi:
        > Hi to all,
        > i describe my scenarious and i'd like any suggest to resolve/limit the problem.
        >
        > Some user, in my University, reply to phishing email and give username and password of your email account; then the malicious send spam email up to we block account, but our server often will list in blacklist.
        >
        > There is a way to limit this problem? If i enable smtp-auth can i limit sent email in timestamp?Any other suggestion?
        >
        > Thnaks in advance
        >
        > Antonio
        >

        as quick workaround you could use clamav-milter
        with sanesecurity antipishing sigs, that should help with known wide
        spreaded spam


        --
        Best Regards

        MfG Robert Schetterer

        Germany/Munich/Bavaria
      • Selcuk Yazar
        Hi, we have same problem in turkey. we prefered policyd v2.0. It has user@domainquota control and other policy restrictions. but you need set your policies
        Message 3 of 7 , Jul 1, 2011
        • 0 Attachment
          Hi,

          we have same problem in turkey. we prefered policyd v2.0. It has user@domain quota control and other policy restrictions. but you need set your policies correctly

          selcuk

          On Fri, Jul 1, 2011 at 2:10 PM, Reindl Harald <h.reindl@...> wrote:


          Am 01.07.2011 12:56, schrieb Antonio Tommasi:
          > Hi to all,
          > i describe my scenarious and i'd like any suggest to resolve/limit the problem.
          >
          > Some user, in my University, reply to phishing email and give username and password
          > of your email account; then the malicious send spam email up to we block account,
          > but our server often will list in blacklist.
          >
          > There is a way to limit this problem? If i enable smtp-auth can i limit sent email in timestamp?
          > Any other suggestion?

          anvil_rate_time_unit                 = 1800s
          smtpd_client_connection_rate_limit   = 50

          but this restricts only connections/ip and does not help
          if userdata form poor idiots are distrributed worldwide

          normally everybody who is offering userdata to foreigners should be tarred and feathered
          as also the individuals buying some crap after receiving spam mails since they are the
          only reason sending millions mails every hour is a working business




          --
          Selçuk YAZAR
          http://www.selcukyazar.blogspot.com
        • Benny Pedersen
          ... reject forged phishmails before users is dump enough to reply on it
          Message 4 of 7 , Jul 1, 2011
          • 0 Attachment
            On Fri, 1 Jul 2011 12:56:51 +0200, Antonio Tommasi wrote:

            > There is a way to limit this problem? If i enable smtp-auth can i
            > limit sent email in timestamp?Any other suggestion?

            reject forged phishmails before users is dump enough to reply on it
          • Simone Caruso
            ... Block incoming phishing mails with proper antispam/antivirus policies and softwares. ... policyd can help u with rate-limits but this is not the solution.
            Message 5 of 7 , Jul 1, 2011
            • 0 Attachment
              On 01/07/2011 12:56, Antonio Tommasi wrote:
              > Hi to all,
              > i describe my scenarious and i'd like any suggest to resolve/limit the problem.
              >
              > Some user, in my University, reply to phishing email and give username and password of your email account; then the malicious send spam email up to we block account, but our server often will list in blacklist.
              >
              > There is a way to limit this problem?
              Block incoming phishing mails with proper antispam/antivirus policies and softwares.

              > If i enable smtp-auth can i limit sent email in timestamp?
              policyd can help u with rate-limits but this is not the solution.


              --
              Simone Caruso
              IT Consultant
              www.simonecaruso.com
            • Len Conrad
              ... I fixed this very bad problem we had with postfwd rate-limiting on our outbound gateway. I harvested from past outbound logs our legit senders of volume
              Message 6 of 7 , Jul 1, 2011
              • 0 Attachment
                At 05:56 AM 7/1/2011, you wrote:
                >Hi to all,
                >i describe my scenarious and i'd like any suggest to resolve/limit the problem.
                >
                >Some user, in my University, reply to phishing email and give username and password of your email account; then the malicious send spam email up to we block account, but our server often will list in blacklist.
                >
                >There is a way to limit this problem? If i enable smtp-auth can i limit sent email in timestamp?Any other suggestion?

                I fixed this very bad problem we had with postfwd rate-limiting on our outbound gateway. I harvested from past outbound logs our legit senders of volume mail and except them from rate limiting. All other senders that exceed the rate limit get HOLD. fixed or problem.

                We have not been able to stop all phishing inbound (postfix/IMGate + clam + 3rd party sigs on MX, then barracuda for content-scanning), but even there, postfwd inbound rate limiting stops much of the phishing that comes in bunches of many 10s or 100s.

                Len





                >Thnaks in advance
                >
                >Antonio
                >
                >
              Your message has been successfully submitted and would be delivered to recipients shortly.