spam problems

Submitted by rjrsinc on Tue, 10/27/2009 - 10:07 Pro Licensee

We occasionally have an end user that will violate the email policy of our server by sending emails in a wide broadcast. This might lead to our server being blacklisted.

1) How do we change the IP for outgoing email on our server for all Virtual Domains, in case we are blacklisted, while we are working the issue? 2) Can we assign separate IP for sending email for specific virtual domains? 3) Can we throttle or temporarily suspend outgoing email for a specific virtual domain, when an end user from that domain is sending mass email?

Status: 
Closed (fixed)

Comments

Submitted by JamieCameron on Tue, 10/27/2009 - 11:41

Some of these are possible :

1) This can be done by editing /etc/postfix/main.cf and setting smtp_bind_address to your other IP, then restarting Postfix.

2) Not possible, sorry.

3) Depends on how the user sends email - if it is just by SMTP relaying, you could lock his account. If it is via a script on the system, there is no way that I know of..

Submitted by rjrsinc on Thu, 11/12/2009 - 07:21 Pro Licensee

Thanks for the info. Regarding the third item, is there a way to have the system automatically throttle or disable the account if the email being sent from that account exceeds a certain threshold?

Submitted by JamieCameron on Thu, 11/12/2009 - 11:47

Sorry, but I don't know of any way to have Postfix throttle a user like that..

Submitted by andreychek on Thu, 11/12/2009 - 11:48

I'm not aware of a way to do this per-user, but you can look into Postfix settings such as smtp_destination_rate_delay and relay_destination_rate_delay in order to limit how fast email in general goes out.

If you do any coding, you could probably put together a script to run every N minutes or hours to look through the email logs, and disable the ability to send email if they've sent too much in a given time period.

But I don't know of any existing tools to handle that :-)

Submitted by rjrsinc on Fri, 11/13/2009 - 08:47 Pro Licensee

Thanks. We will run with that.