Ian Eiloart writes:
> --On 26 December 2006 05:53:12 +0000 Monty Ree <[EMAIL PROTECTED]> wrote:
> 
> > Hello, list.
> >
> > I have used well SA with procmail well against incoming mail.
> > But there are lots of outgoing spam-mails using web programs or using
> > sendmail at my server.
> > (There are several domains are hosted at the server.)
> >  So is there any program like spamassassin which can filter against
> > outgoing spam mail?
> > or any program which can limit sending spam-mail?
> >
> > Please recommend any for me..
> >
> > my system is linux and sendmail.
> 
> Don't use spamassassin for this. That's intended for use when you can't 
> police the sender.

On the contrary -- many ISPs already use SpamAssassin to detect and filter
spam in outbound mail.  It's a perfectly ok usage, but you'll have to
do some work to customise it for that purpose, since it's not exactly what
it's designed for...

--j.

> First, use a firewall to force web applications to use your mail server, 
> and not connect directly to remote mail servers. Otherwise, you can't know 
> that you're even seeing all the email.
> 
> Then, require that web applications use a username and password to connect 
> to your host. The PHP class PHPMailer, for example, can do this. That way 
> you can trace offenders by checking the sender address.
> 
> Require that sender addresses are not spoofed. That way the real sender 
> (well, the web application owner) can be held to account for misdemeanours.
> 
> Arrange that copies of emails are sent to you (and maybe the application 
> owner), perhaps stripped of the body, or at least notifications. That way, 
> you can get early alerts of abuse. You might want to rate-limit the sending 
> of email.
> 
> -- 
> Ian Eiloart
> IT Services, University of Sussex

Reply via email to