Am 01.02.2012 03:03, schrieb [email protected]:
> We run a small cluster of postfix servers that are dedicated outbound
> relayhosts for our customers.  Beyond the outbound postfix cluster we have
> another cluster of mail filtering appliances that have served their purpose
> very well, but we are starting to get more compromised account due to
> phishing attempts and some of the spam is getting through the outbound
> filters due to the volume of new spam messages.  
> 
> I am looking for advice on how to limit our exposure to malicious senders
> that have access to a users credentials.  One method we have zero
> experience in is using RBLs, which I am hoping to learn more about.
> 

i wouldnt do it with rbl in this case, i see no sense in it
you may use clamav-milter with sanesecurity sigs and simply get hold mails
for human inspection, or use amavis etc
once find a hacked or compromised account, delete it ,or infom the user
etc, or build some reject access list for them ( perhaps you can call
this a local rbl )

outbound spam is a problem ever

-- 
Best Regards

MfG Robert Schetterer

Germany/Munich/Bavaria

Reply via email to