Conditional SASL authentication
George Sexton
georges at mhsoftware.com
Tue Feb 24 17:54:40 UTC 2015
The things that occur to me are
1) Ensure that the sender domain is authorized by doing a rule in
main.cf for send_restrictions. Then at least they won't be sending
things with faked from=.
2) Do some work with rate limiting.
http://steam.io/2013/04/01/postfix-rate-limiting/
3) Look at something like fail2ban.
On 2/24/2015 10:28 AM, Luciano Mannucci wrote:
> Hello,
>
> I have a few users that are often hit by a trojan virus that steals
> e-mail user and password. Having a very little (if not null) power on
> their machines, I need to be able to block the outgoing mail wich is
> handled by postfix via dovecot SASL.
> Blocking it at dovecot level would be optimal, for the virus doesn't
> necessarily use the e-mail of the user as its from, just the user and
> password for the authentication phase.
>
> Is it feasible?
>
> AdvThanksAnce,
>
> Luciano.
--
George Sexton
*MH Software, Inc.*
Voice: 303 438 9585
http://www.mhsoftware.com
More information about the dovecot
mailing list