Do not allow some ids to authenticate
Jose-Marcio Martins da Cruz
jose-marcio.martins at ensmp.fr
Tue Oct 22 09:35:16 EDT 2013
On 10/22/2013 03:11 PM, Jim Howell wrote:
> Hi,
> Thanks for the response. One question however. The "spammer at aol.com"
> that is the envelope from, correct? We offer an authenticated server for
> people to use to send email via a fat client such as Thunderbird. The
> problem I'm trying to solve is to refuse their connection when they
> authenticate and not at the envelope from, aka earlier in the SMTP
> session. We unfortunately have too many people with compromised
> credentials using the service. Thanks.
Don't know about your domain, but this equality isn't usually valid, and you shouldn't reject
messages just based on this.

There are other ways to solve your problem. One of them is to do rate limits, based on connection
rate/message rate or recipient rate, to avoid spam being sent. Take a look at:
http://www.j-chkmail.org/wiki/doku.php/doc/howto/outgoing_spam
The idea is there, using our filter, but you can implement it with others if you prefer.

To avoid accounts being compromised you can, e.g., reject outgoing messages (with credentials) being
sent to some database of phishers' reply addresses. Take a look at
http://groups.google.com/group/anti-phishing-email-reply-discuss/topics
--
Sent from my typewriter.
---------------------------------------------------------------
Spam : Classement statistique de messages électroniques -
Une approche pragmatique
At Amazon.fr: http://amzn.to/LEscRu or http://bit.ly/SpamJM
---------------------------------------------------------------
Jose Marcio MARTINS DA CRUZ http://www.j-chkmail.org
Ecole des Mines de Paris http://bit.ly/SpamJM
60, bd Saint Michel 75272 - PARIS CEDEX 06
mailto:Jose-Marcio.Martins at mines-paristech.fr
More information about the Cyrus-sasl mailing list
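
An added example, not part of the original message and not j-chkmail code: a sketch of the two suggestions in the reply above, a recipient rate limit keyed on the authenticated id and a check of envelope recipients against a list of phishing reply addresses. The class name, the thresholds, the addresses and the sample events are all constructed for illustration.

```python
from collections import defaultdict, deque

class OutgoingLimiter:
    """Per-authenticated-id recipient rate limit plus a phishing reply-address check."""

    def __init__(self, max_rcpts, window_s, phish_reply_addrs):
        self.max_rcpts = max_rcpts          # recipients allowed per window (assumed policy)
        self.window_s = window_s            # sliding window length in seconds
        self.phish = {a.lower() for a in phish_reply_addrs}
        self.accepted = defaultdict(deque)  # auth id -> timestamps, one per accepted recipient

    def check(self, auth_id, rcpts, now):
        """Decide on one authenticated submission: 'accept', 'tempfail' or 'reject'."""
        # A user writing to a known phishing reply address is probably answering
        # a phish; refusing the message keeps the credentials from leaking.
        if any(r.lower() in self.phish for r in rcpts):
            return "reject"
        q = self.accepted[auth_id]
        while q and q[0] <= now - self.window_s:
            q.popleft()                     # forget recipients outside the window
        if len(q) + len(rcpts) > self.max_rcpts:
            return "tempfail"               # over the limit: defer, do not count it
        q.extend([now] * len(rcpts))
        return "accept"

# Constructed sample: (seconds, authenticated id, envelope recipients).
SAMPLE_EVENTS = [
    (0,  "alice",   ["bob@example.org"]),
    (10, "mallory", ["u1@example.com", "u2@example.com", "u3@example.com", "u4@example.com"]),
    (20, "mallory", ["u5@example.com", "u6@example.com"]),
    (30, "alice",   ["helpdesk-verify@example.net"]),
    (75, "mallory", ["u5@example.com", "u6@example.com"]),
]

def replay(events, limiter):
    """Run events through the limiter in order and return the decisions."""
    return [limiter.check(auth_id, rcpts, ts) for ts, auth_id, rcpts in events]

if __name__ == "__main__":
    lim = OutgoingLimiter(max_rcpts=5, window_s=60,
                          phish_reply_addrs=["helpdesk-verify@example.net"])
    for ev, verdict in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS, lim)):
        print(ev[0], ev[1], verdict)
```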