Hi, I've a rare scenario with one of my customers and I thought that someone
from here could give me some fresh(?) ideas.

My client has its own MTA (which I don't manage, nor do I have access to
logs, etc.) and it sends all outbound traffic to my server that has
(MScanner, SA, clamav, dcc, pyzor, razor, some custom rules, etc.).

The problem I have right now is that (I assume) some malware stole valid
user/passwords to authenticate in the SMTP server of my client, so tons of
spam are trying to get out to the internet through my server.

Although all anti-spam stuff seems to work, I need some new countermeasures
to stop this at the MailScanner stage (I can't do anything at MTA level because
everything comes from the same IP).

Any idea?

Something like my own checksum repository, or URL blacklist, or header
authentication matching, etc.

Any help would be appreciated.

