Am 01.02.2012 03:03, schrieb [email protected]: > We run a small cluster of postfix servers that are dedicated outbound > relayhosts for our customers. Beyond the outbound postfix cluster we have > another cluster of mail filtering appliances that have served their purpose > very well, but we are starting to get more compromised account due to > phishing attempts and some of the spam is getting through the outbound > filters due to the volume of new spam messages. > > I am looking for advice on how to limit our exposure to malicious senders > that have access to a users credentials. One method we have zero > experience in is using RBLs, which I am hoping to learn more about. >
i wouldnt do it with rbl in this case, i see no sense in it you may use clamav-milter with sanesecurity sigs and simply get hold mails for human inspection, or use amavis etc once find a hacked or compromised account, delete it ,or infom the user etc, or build some reject access list for them ( perhaps you can call this a local rbl ) outbound spam is a problem ever -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
