Enforce a better password policy - our work password policy is minimum 8 characters, and 3 out of the 4 of the following: Upper Case Lower case Number Special Character - any shift + top row number) - ie !@#$%^&*(
By this policy hellowhowareyou wouldn't work because it only has lower case letters. Neither would Hellowhoware you since it only has 2 of the 4. But Hellohowareyou4 would. Or IP based authentication maybe? On Sat, Apr 23, 2011 at 6:45 PM, Rajesh Kumar Mallah <mallah.raj...@gmail.com> wrote: > Hi, > > We allow relaying of email via our server to our clients using authentication. > The problem is that some miscreants have got hold of our clients password > and are using our email server to send SPAM after successfully authenticating. > > Please tell how to control this situation. > > I was thinking in lines of enforcing policies on even authenticated smtp > clients > that are pumping SPAM . Eg restrict clients not to send more than 10 emails > per minute , etc. > > Any help would be greatly appreciated. > > Regds > Mallah. >
