Force a sender's email to quarantine?
Robert Lopez
rlopezcnm at gmail.com
Wed Jan 20 18:03:24 GMT 2010
[In gmane I see this subject question has been asked, but I saw no answer.]
We have an application that helps us shut down SPAM email being sent
out from a compromised account.
(Invariably compromised after the account owner replied to some phishing email.)
The application tails the maillog and keeps data to detect when any
individual account starts to send a lot of email.
Right now the action is to send a page to our team.
We then access the gateway that sent the page and make a guess if it
could be legitimate or really a spammer.
We would like to change the application to put all of the email from
the identified account into a quarantine file.
Using postfix and MailScanner, we might have opportunities to use either tool.
Due to MailScanner using the postfix hold que to pass email to
MailScanner, I do not think we have the possibility of having postfix
put the selected email on hold.
I am looking for a way to use MailScanner to quarantine all the user's
email (whole message) as queue files.
Any suggestions as to which MailScanner features could be used to do this?
--
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106
More information about the MailScanner
mailing list