Jan-Frode Myklebust wrote: > >> and I still fail to understand how controlling your customers >> envelope sender will help with backscatterer.org. > > It will make sure that when viruses/malware on the customers computer is > sending out spam from fake addresses, the bounces goes back to the > customer with the infected computer -- instead of to whomever the > malware was pretending to send from. >
I have never seen malware use SMTP AUTH via the smarthost SMTP. Most malware shoot directly on 25/tcp. Maybe you'll be better off blocking 25/tcp and force users to use the submission port (587/tcp) with SMTP AUTH and possibly STARTTLS. I think your spam problems will go away if you do that. HTH, Mikael