On Mon, 16 Sep 2013, Mihamina Rakotomandimby wrote: > [Er.shashank.singh's] message was not very clear. > But as far as I understood: > - If people can steal credentials: secure your credentials > - If people send spam: the solution is not rate limiting
Despite the reference to "per Hour" in the subject, I think what he's asking for is not rate limiting, but making sure that all relayed mail is sent "from" the mailbox assigned to the user who owns the credentials. It's still unclear whether he means the envelope sender (MAIL FROM: argument) or one of the headers. That would make it obvious whose credentials have been stolen when the spam complaints roll in. It also makes credentials stolen from his users a tiny bit less valuable to the bad guys. That's a reasonable thing to do, and it is done in the ACL. However, we can't just give him a code snippet to insert, because the needed coding depends very much on the way his user database is organized. ---- Michael Deutschmann <[email protected]> -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
