>From: Axb <axb.li...@gmail.com>
>Sent: Thursday, February 16, 2017 4:54 AM
>Subject: Re: Filtering outbound mail
>On 02/16/2017 11:07 AM, David Jones wrote:
>> Would it make sense for me to setup/manage my own custom
>> rules for checking the To: header or could the FreeMail plugin
>> be extended to add new rules like FREEMAIL_TO?
>To block outbound bursts using SA is probably the most inneficient method.
>Fai2ban is probably safer / easier to manage
>Also, look into inbound rating per sender / IP & time period.
I have implemented rate limiting and very accurate RBL
checking on inbound mail.
I can't do blocking with fail2ban or rate limiting on outbound
customer mail since not all of them setup a dedicated
NAT IP for their servers that send email so blocking an IP
could have multiple servers behind that NAT IP.
Our primary customers are K12 education and libraries
which have automated software that blast out emails
to parents and patrons for school attendance, grades,
progress reports, and book overdue reports. I have
whitelisted these types of emails with a SHORTCIRCUIT
rule that is excluded from the compromised account
I guess I will setup/maintain my own FREEMAIL_TO
rules but I thought that others would also have the
same need. Maybe not. Seemed logical to extend
the FreeMail plugin to add a few new rules.