Is the spam being sent with forged source IPs or headers? I'm playing with ways of tying sent mails to answers to reverse DNS lookups (a lot of mail servers are configured to do a reverse lookup when they receive a mail and will drop mail if the 'sending' DNS doesn't answer.) If your customers are using you as a mail forwarder/router, that's a start.
It won't help if you have individual mail clients sending over your server, but you might want to look into setting up something like SMTPAUTH or SMTP/TLS, tied to the same auth mechanism they use for getting imap/pop mail. Otherwise a lot of mail servers will let you set up rate limiting based on bounces (of which mass spam will get quite a few.)

Cheers,
-John

> Hi folks,
>
> I see a growing number of customers being infected by an "unknown yet"
> virus/trojan (probably an openproxy used by a 3rd party) sending TONS of
> spam using our smtp server.
>
> Do others also see that?
> Do you have any good solution against this?
>
>
> Pascal
>
> ----------------------------------------------
> [EMAIL PROTECTED] Maillist-Archive:
> http://www.mail-archive.com/swinog%40swinog.ch/
> ----------------------------------------------
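An added example, not part of the original thread: one way to find which customer hosts a bounce-based rate limit should apply to, by joining relay-log entries on the queue ID and computing a per-client bounce ratio. The Postfix-style log format, the sample lines, the function names and the thresholds are all assumptions; the thread does not name the mail server in use.

```python
import re
from collections import Counter

# Constructed sample log lines in a Postfix-style format (assumed MTA).
# All addresses and host names use documentation ranges.
SAMPLE_LOG = """\
Mar  3 10:00:01 mx postfix/smtpd[811]: A1B2C3: client=cust-a.example.net[192.0.2.10]
Mar  3 10:00:02 mx postfix/smtp[902]: A1B2C3: to=<u1@example.org>, dsn=5.1.1, status=bounced (user unknown)
Mar  3 10:00:02 mx postfix/smtp[902]: A1B2C3: to=<u2@example.org>, dsn=5.1.1, status=bounced (user unknown)
Mar  3 10:00:03 mx postfix/smtp[902]: A1B2C3: to=<u3@example.org>, dsn=5.1.1, status=bounced (user unknown)
Mar  3 10:00:03 mx postfix/smtp[902]: A1B2C3: to=<u4@example.org>, dsn=2.0.0, status=sent (250 ok)
Mar  3 10:01:00 mx postfix/smtpd[811]: D4E5F6: client=cust-b.example.net[192.0.2.20]
Mar  3 10:01:01 mx postfix/smtp[903]: D4E5F6: to=<a@example.com>, dsn=2.0.0, status=sent (250 ok)
Mar  3 10:01:01 mx postfix/smtp[903]: D4E5F6: to=<b@example.com>, dsn=2.0.0, status=sent (250 ok)
Mar  3 10:01:02 mx postfix/smtp[903]: D4E5F6: to=<c@example.com>, dsn=5.1.1, status=bounced (user unknown)
Mar  3 10:02:00 mx postfix/smtpd[811]: 0F9E8D: client=cust-c.example.net[192.0.2.30]
Mar  3 10:02:01 mx postfix/smtp[904]: 0F9E8D: to=<x@example.com>, dsn=5.1.1, status=bounced (user unknown)
"""

# smtpd lines map a queue ID to the submitting client; smtp lines carry the
# per-recipient delivery status for that queue ID.
CLIENT_RE = re.compile(r"postfix/smtpd\[\d+\]: ([0-9A-F]+): client=\S*\[([0-9a-fA-F.:]+)\]")
STATUS_RE = re.compile(r"postfix/smtp\[\d+\]: ([0-9A-F]+): to=<[^>]*>,.*\bstatus=(\w+)")

def bounce_stats(log_text):
    """Return {client_ip: (bounced, total)} by joining on the queue ID."""
    client_of = {}
    bounced, total = Counter(), Counter()
    for line in log_text.splitlines():
        m = CLIENT_RE.search(line)
        if m:
            client_of[m.group(1)] = m.group(2)
            continue
        m = STATUS_RE.search(line)
        if m and m.group(1) in client_of:
            ip = client_of[m.group(1)]
            total[ip] += 1
            if m.group(2) == "bounced":
                bounced[ip] += 1
    return {ip: (bounced[ip], total[ip]) for ip in total}

def clients_to_throttle(log_text, min_deliveries=3, max_bounce_ratio=0.5):
    """Clients with enough traffic to judge and a bounce ratio above the limit."""
    return sorted(ip for ip, (b, t) in bounce_stats(log_text).items()
                  if t >= min_deliveries and b / t > max_bounce_ratio)

if __name__ == "__main__":
    print(clients_to_throttle(SAMPLE_LOG))
```

The minimum-delivery floor keeps a single mistyped address from a low-volume customer from triggering a throttle.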
