Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 04 Feb 2007 13:47:23 +0100
From:      Volker <volker@vwsoft.com>
To:        =?UTF-8?B?0JLQu9Cw0LTQuNC80LjRgCDQmtCw0L/Rg9GB0YLQuNC9?= <msgs_for_me@mail.ru>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: SPAMD stop passing mail from WHITE-list
Message-ID:  <45C5D5DB.9050407@vwsoft.com>
In-Reply-To: <E1HD4Bj-000D25-00.msgs_for_me-mail-ru@f30.mail.ru>
References:  <E1HD4Bj-000D25-00.msgs_for_me-mail-ru@f30.mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 12/23/-58 20:59, ;048<8@ 0?CAB8= wrote:
> 2. If i have some malware on my PC and use mail-client program. If I send the same message some times I automatically get into WHITE-list and my malware can spam as much as it must?

Not really related to your spamd problem, but probably useful...

If you need to limit an internal client system for sending out mail
through your system, IMO you may also use pf's limit functions.

Imagine something like:

pass in quick on $int_if from any to $int_if port smtp keep state
(max-src-conn 1, max-src-conn-rate 2/60)

This should limit an internal client to one concurrent connection
and a maximum of 2 connections per 60 seconds and so mass mailing by
abusing your mail gateway should be impossible.

Combining this by a rule like 'block in quick on $int_if from any to
! $int_if port smtp' should efficiently block spam originating from
your internal net.

And for the malware issues, I would like to recommend not to install
and use malware! ;)

Greetings,

Volker

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45C5D5DB.9050407>