[Mimedefang] OT: control internal spam

Kenneth Porter shiva at sewingwitch.com
Tue May 3 19:00:34 EDT 2005


--On Tuesday, May 03, 2005 5:05 PM -0500 -ray <ray at ops.selu.edu> wrote:

> Any ideas on how to combat this?  Obviously we have to allow SMTP for
> internal legit clients on our network.  Is SMTP AUTH the answer? Or pop
> before SMTP? (currently not using these).  Some kind of rate limiting per
> IP?  Just looking for any ideas...

The AUTH will identify the sender but not prevent the occurrence (except by 
deterrence). Rate limiting is probably your best bet. You can combine the 
two to limit by authenticated ID. You can then whitelist those authorized 
to send bulk. I'd suggest a token bucket limiter. Maybe count all messages 
to a given recipient once, to allow for rapid correspondence with the same 
person.

Are you running SpamAssassin on your outbound traffic? Even if you don't 
use it for filtering, you could use it to weight the limiter.



More information about the MIMEDefang mailing list