On 10/22/2013 03:11 PM, Jim Howell wrote:
Hi,
Thanks for the response. One question however. The "spammer@xxxxxxx"
that is the envelope from, correct? We offer an authenticated server for
people to use to send email via a fat client such as Thunderbird. The
problem I'm trying to solve is to refuse their connection when they
authenticate and not at the envelope from, aka earlier in the SMTP
session. We unfortunately have too many people with compromised
credentials using the service. Thanks.
Don't know about your domain, but this equality isn't usually valid, and you shouldn't reject
messages just based on this.
There are other ways to solve your problem. On of them is to do rate limits, based on connection
rate/message rate or recipient rate, to avoid spam being sent. Take a look at :
http://www.j-chkmail.org/wiki/doku.php/doc/howto/outgoing_spam
the idea is there, using our filter, but you can implement it with others if you prefer.
To avoid accounts being compromised you can, e.g., reject outgoing messages (with credentials) being
sent to some database of phishers reply adresses. Take a look at
http://groups.google.com/group/anti-phishing-email-reply-discuss/topics
--
Envoyé de ma machine à écrire.
---------------------------------------------------------------
Spam : Classement statistique de messages électroniques -
Une approche pragmatique
Chez Amazon.fr : http://amzn.to/LEscRu ou http://bit.ly/SpamJM
---------------------------------------------------------------
Jose Marcio MARTINS DA CRUZ http://www.j-chkmail.org
Ecole des Mines de Paris http://bit.ly/SpamJM
60, bd Saint Michel 75272 - PARIS CEDEX 06
mailto:Jose-Marcio.Martins@xxxxxxxxxxxxxxxxxx
