On Mon, June 6, 2016 10:10 pm, Sebastian Nielsen wrote: Sebastian, thanks
> Second, the problem is that you will only get your backup server > blacklisted/poorreputated aswell. I would suggest solving the underlying > problem instead, so accounts is harder to compromise, by implementing a > few restrictions: the last two issues I had were caused by single compromised sasl auth senders; all users are remote to server, and, since last couple years were offered smtp auth (instead of using local isp smtp) > > Theres multiple ways to solve the problem. > 1: If your users belong to a specific office, I would suggest restricting > sending email from that office. If some users must have remote access, > give such access via a VPN instead. A spammer won't connect to a dialin > VPN using compromised credentials and try to find a mailserver there and > find compromised credentials to that too, its too much trouble for too > little gain. > 2: If you run a webhosting company or something similiar, > restrict logins to the mail server via geoIP to the same country as the > account in question was bought and registred from. The country (for > example Sweden) they buy and register the account from, will be saved > into a db. When a mail is sent through submission server, check that the > country they are connecting from, match whatever is stored for their > account inside database. This will avoid account compromise as the > accounts can only be used in their "home countries". some users travel, so can be different country > 3: Needless to say, > its a good idea to restrict so the accounts can only send from their own > email and the domain they either own or the domain your server is > authorative for. how to implement such ? there is around 20 domains on the server
