> Jonathan S?lea: >> Good evening, >> >> I am in the process of setting up a smtp-relay for a hosting provider. >> >> Basically, the relay should relay emails from hundreds of servers out to >> the net. I do want some "protection" against if a website is hacked and >> starts to spew out thousands of emails. >> For example: >> www.siteA.xyz on ServerY is hacked and someone is using mail() in order >> to send hundreds of thousands email via localhost - that is relayed to >> the smtp relay (that only accepts mail from internal servers). And >> instead of relaying them out to the web it does stop thoose kind of email. >> >> Is that possible? Can postfix just dump the emails "down the drain" >> instead of sending them? And can that be triggered if ServerY sends 100 >> emails in 10 seconds for example.
Since you seem to be on Linux, you might be able to do this with iptables and not bother Postfix, which pays attention to the RFCs. If iptables can catch the spam, you could have iptables redirect to a little daemon you write that puts the mail in /dev/null, then returns and logs exactly what Postfix says when it sends successfully. If this is a serious spammer, that'd pull the rug right out from under him/her. -- Glenn English
