[horde] Email Send Limits To Discourage Spamming
Alessio Cecchi
alessio.cecchi at neen.it
Fri Mar 20 11:11:11 UTC 2009
Def. Quota Andy Dorman <adorman at ironicdesign.com>:
> We are about to re-open our webmail service for public sign ups and
> I was wondering if anyone in the group has any thoughts about
> reasonable limits for sending emails?
>
> FWIW, we actually opened the service up three weeks ago with no
> sending limits. That was a BIG mistake. Within a week the spammers
> found us and in the space of a few hours sent over 144 thousand bank
> scam emails and got us blacklisted by just about everyone.
>
> So before we allow more public sign ups we will have max limits on
> recipients per email and per 24 hour period.
>
> Has anyone else found it necessary to set limits? And if so, what
> limits have you found effective in slowing the spammers without
> upsetting too many of your good users?
>
> Also, will anyone be interested in the code we used for blocking
> sending per email and per time? Since we use OpenLDAP and Memcachd
> already, we elected to use prefs (that are locked/not adjustable by
> the user and can be loaded from LDAP) to set default and per-address
> limits and memcache to track the recipients sent to per 24 hr block.
>
> If anyone is interested, I would be happy to either send in the
> actual code (not much was needed thanks to how Horde/imp is already
> set up) or figure out how to do a patch against the current CVS code
> (we use Bazaar).
>
> Thanks for any thoughts from those of you that have experience with
> email sending limits.
>
You can apply email send limits with a policy server at MTA level, for
example if you use postfix you can try policyd
http://www.policyd.org/tiki-index.php that can works with per-users
limits.
Bye
--
Saluti
Alessio Cecchi
More information about the horde
mailing list