Hi Stefan, I am encouraged that you're choosing to be proactive and want to configure your platform and processes to reduce the risk of email abuse.
M3AAWG, the Messaging, Mobile and Malware Anti-Abuse Working Group has published numerous best practices documents to help senders and ESPs reduce abusive email: https://www.m3aawg.org/published-documents A few that will interest you: https://www.m3aawg.org/sites/default/files/document/M3AAWG_Senders_BCP_Ver3-2015-02.pdf https://www.m3aawg.org/sites/default/files/m3aawg-senders-complaint-handling-2017-12.pdf https://www.m3aawg.org/sites/default/files/document/MAAWG_Vetting_BCP_2011-11.pdf https://www.m3aawg.org/sites/default/files/document/CodeofConduct.pdf https://www.m3aawg.org/sites/default/files/m3aawg-dkim-key-rotation-bp-2019-03.pdf If your service will enable customers to collect email addresses via a web form, you can reduce the risk of list bombing: https://www.m3aawg.org/rel-WebFormHeader As your email volume grows, you may qualify for a Gmail Postmaster Tools account, which can provide helpful insight: https://www.gmail.com/postmaster/ Regards, Paul Kincaid-Smith EmailGrades On Wed, May 8, 2019 at 10:48 AM Stefan Bauer via mailop <mailop@mailop.org> wrote: > Hi, > > > we're providing a small smtp sent-service for our customers (via > submission port / auth only - postfix). ~ 7.000 outgoing mails / day (via 2 > hosts in different data centers/ip networks). > > > As the amount of mails increase, we would like to be ready for > > > - stolen auth-data to our service is used for sending spam > > > - broken clients send thousand of mails/minute > > > - one of our pub-ips get blacklisted / rerouting traffic? > > > - ISPs block our complete provider networks (and we are included) > > > - Perm-blocks with 5xx, always return all 5xx to senders? > > > > How do you guys prepare yourself for this? > > > we have in place: > > > only allow pre-defined sender-addresses after auth > > monitor mail-queues for high connection count > > monitor RBLs if we're listed > > only allow single mail / 5s to be sent outgoing > > anti-virus checking of attachments > > > Would be awesome to get some insight how "big sites" handle this and maybe > other cases. > > > Thank you! > > > Stefan > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
