Wietse Venema wrote:
Johan Andersson:
Hi,
We have a slight problem with accounts being phished/hacked and spammers
using them for their stuff.
Servers are as safe as the customer will make them at the moment...
which sadly means that some of the very mixed staff
answers phishing mails and gives out their passwords from time to time...
The usual mails sent from the site has form one to a few recipients with
the odd one being addressed to a few more...
When the spammers get a hold of the accounts though they usually send
hundreds of mails to as many recipients they can fit in each mail...
What I would like to do is to put mails over a certain numbers of
recipients into the hold queue for review before we send them on
especially if the recipients are all in the same domain, f.ex. yahoo.com
or such...
I've seen the parameters used to limit the number of recipients, but I
only want to hold them, not reject them.
Is there something ready for this or will I have to put a policy_filter
of my own together?
You will have to use a policy plugin. policyd, among others, implements
per-user quotas.
According to http://www.policyd.org/tiki-index.php?page=ModuleFeatures
can reply with "hold", "reject", and so on.
Wietse
Yes, looked at it now...
I checked a few of the ones available and after a few test decided to
use the pfxpold one from the links.
Very easy to configure up...
I modified it to check the recipient_count and reply "DUNNO" if less or
equal than the limit and "HOLD" when over it.
Then added
smtpd_data_restrictions=
check_policy_service inet:127.0.0.1:9998,
permit
worked like a charm...
I will see if I can tune it in and connect a report to OP5 also so that
I will see when something gets caught.
/Johan A
