Outbound spam prevention & reaction
ugob at lubik.ca
Wed Dec 12 15:30:04 GMT 2007
I was wondering what you guys are doing to prevent outbound spam and
react to it.
I relay for a few IPs but I'm a little scared about having spams sent
through my MS server that may get me listed on a DNSBL... I could set a
separate server for outbound so that I can tweak it differently...
I thought of:
- Using the 'bounce' setting in MailScanner so that spam senders are
notified (for false positives). A "forward" rule could also be used to
- Have a second quarantine report running to show quarantined outbound
e-mails, per IP address, or something similar
However, SA is not as good at detecting spam when it is going outbound,
so I thought we should enforce a strict throttling on all outbound IPs
(connection rate & concurrent connections).
If several spams are caught, what would be your reaction? Deny the
relay or firewall them off? Deny relay would mean that they would get
DSNs when trying to send, and they would "loose" their e-mails"
Hum... I have no idea except to enforce strict firewalling and good
More information about the MailScanner