There are two situation when users send out large amount of mails: sending newsletters or account compromised. Either case the volume increased and I think it is necessary to have a way to suspend or blacklist them. Is there anything already in place that I could use?
Allow me to describe more. I have one standard Postfix relay server and the default rule is to Hold the mail. Then I have another script check this Hold queue and release the mail in FIFO manner. The script also count total mails by sender and if larger than my policy, they will be pushed to the bottom and go out later. Meanwhile, if the total mail the sender sent exceed 1,000, I will blacklist it (move away from Hold queue to investigate later).
The concept similar to MailScanner way of processing. I wonder if this kind of logic can be implemented in EFA? Or I should go to MailScanner there? Do point me in right direction. May be there is already solution for me to solve this.
I am thinking of new algorithm. If there is a way I can count the mail reliability by the sender in a specific window of time (per 5 minutes or per minute), and if it trigger my policy, I will add this sender into postfix access rule file or DB and reply with 4xx temporary suspend code. To release, there will be other GUI to let user to remove himself or by administrator only.
If this plan is workable, I can create it and contribute here. Anyone got better suggestion?
Request and discuss new features you would like to have.
2 posts • Page 1 of 1