On 11/15/2010 5:08 AM, Ignacio García wrote:
Hi there...
I'm having a problem with one of our servers. We have been
blocked by CBL because one of our customers has been sending
many emails recently from his php-based bulletin system. This
system does not send lots of emails (it's programmed to send 1
email each 10 seconds), but they have more than 3000 email
accounts in their database, and maybe half of them are wrong,
have typos, etc. (unfortunately, the customer does not delete
their wrong entries). Also, some inexperienced recipients of
this bulletin may have also reported these emails as spam
instead of UNSUBSCRIBING (I've seen this many times) from the
bulletin. Anyway, my question is:
What can we do to prevent this customer (and others in the
future) from abusing our system this way? I was thinking of using
postfix address verification, however there are also problems
with this approach.
Thanks
Ignacio
You're trying to solve a behavior problem with technology;
that's hard to do. Sending lots of verification probes that
fail is not much different than sending lots of messages that
fail.
From a postfix standpoint, your best choice is to put the
problem customers on their own IP block, as far away from the
good customers as you can get them. Rate limits (with a
policy service such as policyd) and outbound spam/virus
scanning (SpamAssassin/clamav/etc.) might not help in this
particular case, but may help with others in the future.
Note that some zealous sysadmins don't require a lot of
evidence to declare you spammer-friendly and blackhole your
whole IP space.
Your better choice is to work with the customer to reduce
their bounces. Real maillist software will unsubscribe
addresses that bounce more than a certain number of times.
If that doesn't help (or they don't cooperate) terminate their
service before they pollute your whole operation.
-- Noel Jones
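
An added example, not part of the original thread or of any mailing-list software named in it: one way to apply the bounce rule described above from the Postfix side, counting hard bounces per recipient and the bounce rate per envelope sender. The log lines are constructed samples in Postfix's usual syslog layout, and the function name `analyse` and the threshold `max_bounces` are assumptions.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in Postfix's usual syslog layout (not taken from the thread).
SAMPLE_LOG = """\
Nov 15 05:00:01 mx postfix/qmgr[901]: A1B2C3D401: from=<bulletin@customer.example>, size=2048, nrcpt=2 (queue active)
Nov 15 05:00:02 mx postfix/smtp[915]: A1B2C3D401: to=<alice@good.example>, relay=mail.good.example[192.0.2.10]:25, delay=0.9, delays=0.1/0/0.4/0.4, dsn=2.0.0, status=sent (250 2.0.0 Ok)
Nov 15 05:00:03 mx postfix/smtp[916]: A1B2C3D401: to=<bob@gone.example>, relay=mail.gone.example[192.0.2.20]:25, delay=1.1, delays=0.1/0/0.5/0.5, dsn=5.1.1, status=bounced (host mail.gone.example[192.0.2.20] said: 550 5.1.1 User unknown)
Nov 16 05:00:01 mx postfix/qmgr[901]: A1B2C3D402: from=<bulletin@customer.example>, size=2051, nrcpt=2 (queue active)
Nov 16 05:00:02 mx postfix/smtp[915]: A1B2C3D402: to=<alice@good.example>, relay=mail.good.example[192.0.2.10]:25, delay=0.8, delays=0.1/0/0.3/0.4, dsn=2.0.0, status=sent (250 2.0.0 Ok)
Nov 16 05:00:03 mx postfix/smtp[916]: A1B2C3D402: to=<Bob@gone.example>, relay=mail.gone.example[192.0.2.20]:25, delay=1.0, delays=0.1/0/0.5/0.4, dsn=5.1.1, status=bounced (host mail.gone.example[192.0.2.20] said: 550 5.1.1 User unknown)
Nov 17 05:00:01 mx postfix/qmgr[901]: A1B2C3D403: from=<bulletin@customer.example>, size=2049, nrcpt=3 (queue active)
Nov 17 05:00:02 mx postfix/smtp[915]: A1B2C3D403: to=<alice@good.example>, relay=mail.good.example[192.0.2.10]:25, delay=0.9, delays=0.1/0/0.4/0.4, dsn=2.0.0, status=sent (250 2.0.0 Ok)
Nov 17 05:00:03 mx postfix/smtp[916]: A1B2C3D403: to=<bob@gone.example>, relay=mail.gone.example[192.0.2.20]:25, delay=1.2, delays=0.1/0/0.6/0.5, dsn=5.1.1, status=bounced (host mail.gone.example[192.0.2.20] said: 550 5.1.1 User unknown)
Nov 17 05:00:33 mx postfix/smtp[917]: A1B2C3D403: to=<carol@slow.example>, relay=none, delay=30, delays=0.1/0/30/0, dsn=4.4.1, status=deferred (connect to mail.slow.example[192.0.2.30]:25: Connection timed out)
Nov 17 06:00:01 mx postfix/qmgr[901]: A1B2C3D404: from=<info@other.example>, size=900, nrcpt=1 (queue active)
Nov 17 06:00:02 mx postfix/smtp[915]: A1B2C3D404: to=<dave@good.example>, relay=mail.good.example[192.0.2.10]:25, delay=0.7, delays=0.1/0/0.3/0.3, dsn=2.0.0, status=sent (250 2.0.0 Ok)
"""

# qmgr logs the envelope sender per queue ID; delivery agents log each recipient.
FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]*)>")
TO_RE = re.compile(r"postfix/\w+\[\d+\]: (\w+): to=<([^>]*)>.*?dsn=(\d)\.\d+\.\d+, status=(\w+)")

def analyse(log_text, max_bounces=2):
    """Return ((sender, recipient) pairs with more than max_bounces hard bounces, bounce rate per sender)."""
    sender_of = {}                        # queue ID -> envelope sender
    hard = Counter()                      # (sender, recipient) -> hard bounce count
    totals = defaultdict(lambda: [0, 0])  # sender -> [final delivery results, hard bounces]
    for line in log_text.splitlines():
        m = FROM_RE.search(line)
        if m:
            sender_of[m.group(1)] = m.group(2).lower()
            continue
        m = TO_RE.search(line)
        if not m or m.group(4) == "deferred":
            continue                      # deferred is temporary; Postfix retries it later
        qid, rcpt, dsn_class, status = m.groups()
        sender = sender_of.get(qid, "unknown")
        totals[sender][0] += 1
        if status == "bounced" and dsn_class == "5":  # 5.x.x = permanent failure
            totals[sender][1] += 1
            hard[(sender, rcpt.lower())] += 1
    to_remove = sorted(pair for pair, n in hard.items() if n > max_bounces)
    rates = {s: bounced / seen for s, (seen, bounced) in totals.items()}
    return to_remove, rates

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

The per-recipient list is what the customer's list software should be unsubscribing; the per-sender rate is what tells the provider which customer to talk to or move to a separate IP block.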