Force a sender's email to quarantine?

Robert Lopez rlopezcnm at
Wed Jan 20 18:03:24 GMT 2010

[In gmane I see this subject question has been asked, but I saw no answer.]

We have an application that helps us shut down SPAM email being sent
out from a compromised account.
(Invariably compromised after the account owner replied to some phishing email.)
The application tails the maillog and keeps data to detect when any
individual account starts to send a lot of email.
Right now the action is to send a page to our team.
We then access the gateway that sent the page and make a guess if it
could be legitimate or really a spammer.

We would like to change the application to put all of the email from
the identified account into a quarantine file.
Using postfix and MailScanner, we might have opportunities to use either tool.

Due to MailScanner using the postfix hold que to pass email to
MailScanner, I do not think we have the possibility of having postfix
put the selected email on hold.

I am looking for a way to use MailScanner to quarantine all the user's
email (whole message) as queue files.

Any suggestions as to which MailScanner features could be used to do this?

Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106

More information about the MailScanner mailing list