Hi Alexandre,
At 10:44 16-02-10, Alexandre Chapellon wrote:
I have a quite buggy customer network, full of zombie PCs that
spends all days sending spam and wasting the whole "reputation" of my networks.
Do they send these messages through your mail server?
As a result it sometimes become quite hard to delivers queues for
specific domains such as Yahoo!'s hosted ones. Indeed they have some
temp fail (blacklist) mechanism that forbid my servers to send
messages to them during hours.
Taht's why I would like to setup some ougoing filtering to avoid
sending too much spam through my mail relays. I think SA can help me
in doing so, but I know too it's not really intented to work this
way. I guess SA expects to work on MX hosts more than on smtp relays.
You can still run some SpamAssassin tests to catch some of the spam.
My prerequisites are mainly:
- STOP as much spam as possible at SMTP time (before queuing)
As this is outgoing, post-SMTP filtering is not much of an issue.
Further more I can't rely on RBL because a lot of my dyn IP address
are regularily listed on different blacklist.
Relying on other people to tell you that there is a problem on your
network is not a good idea.
Sign up for feedback loops. Rate limit mail submissions or set up
triggers to identify abnormalities. You may also wish to do traffic
flow analysis to see what's going through your network.
Regards,
-sm
