--On Tuesday, May 03, 2005 5:05 PM -0500 -ray <[EMAIL PROTECTED]> wrote:
Any ideas on how to combat this? Obviously we have to allow SMTP for internal legit clients on our network. Is SMTP AUTH the answer? Or pop before SMTP? (currently not using these). Some kind of rate limiting per IP? Just looking for any ideas...
The AUTH will identify the sender but not prevent the occurrence (except by deterrence). Rate limiting is probably your best bet. You can combine the two to limit by authenticated ID. You can then whitelist those authorized to send bulk. I'd suggest a token bucket limiter. Maybe count all messages to a given recipient once, to allow for rapid correspondence with the same person.
Are you running SpamAssassin on your outbound traffic? Even if you don't use it for filtering, you could use it to weight the limiter.
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
