Comments on: Outbound Email Spam is teh suck http://blogs.iphouse.net/mike/2009/07/outbound-email-spam-is-teh-suck/ Spewing from the heart Wed, 18 Jan 2012 21:05:41 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: mike http://blogs.iphouse.net/mike/2009/07/outbound-email-spam-is-teh-suck/comment-page-1/#comment-26 mike Tue, 27 Oct 2009 23:13:15 +0000 http://blogs.iphouse.net/mike/?p=223#comment-26 <a href="#comment-25" rel="nofollow">@dannyclyde</a> Hey there! Implemented parts of policyd (cluebringer or cbpolicyd). (hate when kiddies decide to name things) Set it up for a sliding 1 hour window and set metrics, and allow customers to go over by contacting us and putting them into a different bucket. Has worked well so far. Since we only allow SASL authenticated relay - I set the authentication key to be their SASL username - what IP they come from doesn't matter, so even if an account is breached and abuse is coming from multiple IP addresses - it is caught. Best of luck! Mike @dannyclyde Hey there!

Implemented parts of policyd (cluebringer or cbpolicyd). (hate when kiddies decide to name things)

Set it up for a sliding 1 hour window and set metrics, and allow customers to go over by contacting us and putting them into a different bucket.

Has worked well so far. Since we only allow SASL authenticated relay – I set the authentication key to be their SASL username – what IP they come from doesn’t matter, so even if an account is breached and abuse is coming from multiple IP addresses – it is caught.

Best of luck!

Mike

]]> By: dannyclyde http://blogs.iphouse.net/mike/2009/07/outbound-email-spam-is-teh-suck/comment-page-1/#comment-25 dannyclyde Tue, 27 Oct 2009 22:54:31 +0000 http://blogs.iphouse.net/mike/?p=223#comment-25 Hey Mike, We have a serious new Postfix system, and we had the same exact Nigerian nightmare as you write about here. Yeah, it's teh suck all rights!! Nigerians were using stolen credit cards to sign up for accounts, and so far our newb-scribers have smartened up and aren't sending their id's/ps's to them anymore. So far this month anywaze. We stopped the online sign-upability, but we still want to impose limits for the next inevitable phishing incident. > On Wednesday, I implemented software that implements per user limits of number of > authentications per hour. So what change did you made? We're looking to do exactly the same thing. I'm trying to find the specifics for my linux guy. We're also looking at running this milter, that counts outbound failures: http://www.snertsoft.com/sendmail/milter-error/ Thanks! Danny Cyber Mesa Telecom www.cybermesa.com Hey Mike,

We have a serious new Postfix system, and we had the same exact Nigerian nightmare as you write about here.

Yeah, it’s teh suck all rights!!

Nigerians were using stolen credit cards to sign up for accounts, and so far our newb-scribers have smartened up and aren’t sending their id’s/ps’s to them anymore. So far this month anywaze. We stopped the online sign-upability, but we still want to impose limits for the next inevitable phishing incident.

> On Wednesday, I implemented software that implements per user limits of number of
> authentications per hour.

So what change did you made? We’re looking to do exactly the same thing. I’m trying to find the specifics for my linux guy.

We’re also looking at running this milter, that counts outbound failures:
http://www.snertsoft.com/sendmail/milter-error/

Thanks!

Danny
Cyber Mesa Telecom
http://www.cybermesa.com

]]>