On 24/06/17 00:37, Daniel Miller wrote: > I had a couple of accounts with too simple passwords hacked. And > obviously my mail server is entirely too efficient - I think about 50k > spams got blasted out before I caught it (because we got in the DNSBL's). > > Separate from improving the password security - what can I do to limit > the damage a compromised account can cause? Without receiving user > complaints about not being able to send the latest cute kitty pictures > to their whole addressbook? > > Are there per-sender limits that can/should be applied? And is there a > way I can be notified of a suspicious condition - without manually > monitoring the queue? > > -- > Daniel >
You might like to consider an ACL, or something like http://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_sender to limit (forged) outbound emails from domains you don't control. Allen C