I forgot to mention that I have a second cronjob that cleans up the abused accounts list daily:
30 6 * * * rm -f /tmp/mail_abusers/* > /dev/null 2>&1 On Mon, May 21, 2012 at 1:29 PM, Joe Nelson <[email protected]> wrote: > Sure, I'm happy to contribute. I've attached a copy of the script for all > to use as you wish. Be aware that this was a quick and dirty little script > that was written to solve a particular problem. It may need tweaking to > work on your system and it may need additional error checking, etc but it > has been running on our system for over a year without a hiccup. In that > time, it's saved my fellow admins and I lots of heartache! > > As for using the submission port, well, I must admit that I haven't put > enough thought into it to determine if it will be good for us or not. My > guess it that it's probably something I should implement, but I'm not > sure. Maybe some research is in order. Any pointers on good places to > start? > > > > On Mon, May 21, 2012 at 12:16 PM, Eric Shubert <[email protected]> wrote: > >> Nice solution. Care to share the script? >> >> I presume you either don't use the submission port (587), or you have >> spamdyke running on it. If the later, why? >> >> Thanks. >> >> -- >> -Eric 'shubes' >> >> >> On 05/21/2012 10:59 AM, Joe Nelson wrote: >> > We have a python script that checks the Spamdyke logs every 5 minutes >> > for users who have sent more emails than a predefined threshold. If >> > they have, it automatically changes their password to a randomly >> > generated one, immediately locking out the spammers who have access to >> > their account. It then emails technical support so that they can >> > contact the customer to get the problem resolved permanently. It's been >> > great for us to have this place and most customers understand that we're >> > actually protecting them, even if they are the ones who's accounts were >> > compromised. >> > >> > >> > On Wed, May 16, 2012 at 2:08 AM, Hartmut Wernisch | Domaintechnik.at >> > <[email protected] >> > <mailto:[email protected]>> wrote: >> > >> > On 16 May 12, Ratko Rudic wrote: >> > > Hi spamdykers! >> > > >> > > Is there a feature that would allow user to send only X emails >> in Y >> > > minutes. An example would be max 10 emails in 5 minutes? >> > >> > http://qmail-spp.sourceforge.net/ >> > >> > > >> > > And a subquestion: what do you do if user's password got leaked >> to >> > > spammers and then those spammers authenticate as this user. (and >> send >> > > enormous amount of spam in just couple of hours). >> > > Is there a way to prevent this? >> > >> > Monitoring :) >> > We use Nagios to monitor our services. Most spamming can be trapped >> by >> > watching the queue size. Maybe you want to monitor the message >> status >> > too. >> > >> > Best, >> > Hartmut >> > >> > _______________________________________________ >> > spamdyke-users mailing list >> > [email protected] >> > <mailto:[email protected]> >> > http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > >> > >> > >> > >> > -- >> > Joe Nelson >> > Digital Worx >> > http://www.digitalworx.net >> > >> > >> > _______________________________________________ >> > spamdyke-users mailing list >> > [email protected] >> > http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >> >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > > > > -- > Joe Nelson > Digital Worx > http://www.digitalworx.net > -- Joe Nelson Digital Worx http://www.digitalworx.net
_______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
