Ian Eiloart writes: > --On 26 December 2006 05:53:12 +0000 Monty Ree <[EMAIL PROTECTED]> wrote: > > > Hello, list. > > > > I have used well SA with procmail well against incoming mail. > > But there are lots of outgoing spam-mails using web programs or using > > sendmail at my server. > > (There are several domains are hosted at the server.) > > So is there any program like spamassassin which can filter against > > outgoing spam mail? > > or any program which can limit sending spam-mail? > > > > Please recommend any for me.. > > > > my system is linux and sendmail. > > Don't use spamassassin for this. That's intended for use when you can't > police the sender.
On the contrary -- many ISPs already use SpamAssassin to detect and filter spam in outbound mail. It's a perfectly ok usage, but you'll have to do some work to customise it for that purpose, since it's not exactly what it's designed for... --j. > First, use a firewall to force web applications to use your mail server, > and not connect directly to remote mail servers. Otherwise, you can't know > that you're even seeing all the email. > > Then, require that web applications use a username and password to connect > to your host. The PHP class PHPMailer, for example, can do this. That way > you can trace offenders by checking the sender address. > > Require that sender addresses are not spoofed. That way the real sender > (well, the web application owner) can be held to account for misdemeanours. > > Arrange that copies of emails are sent to you (and maybe the application > owner), perhaps stripped of the body, or at least notifications. That way, > you can get early alerts of abuse. You might want to rate-limit the sending > of email. > > -- > Ian Eiloart > IT Services, University of Sussex