Blocking spammers (from compromised email)

F

flamewalker

Verified User
Joined
Aug 21, 2007
Messages
64
I have a users' email account get compromised on my system from time to time... the cleanup is a royal pain.

Is there a way to block the email login from being able to spool mail on my server beyond the 200 email limit? So, for instance, I have the regular user daily limit at 200. When an account gets compromised, they still seem to be able to "send" thousands of emails to my server (which then just freezes them because of the limit, which I then have to delete from the queue).

Is there a way, after the limit is hit, to actually reject the sending of mail so it doesn't spool up on my server until I block and clean up the queue?

Thanks in advance.
Jamey
 
There's a script somewhere on these forums to monitor queue size and let you know when your queue gets too big. But my recollection is that this is a recent change or is scheduled to change, and that DirectAdmin will soon (if not already) refuse to accept email if the limit has been reached.

Anyone know?

Jeff
 
Hello,

The exim.pl version 15 is what you want.
It will completely block emails from entering the queue if the account (either DA or email) is over limit.
If they try to send an email when over limit, exim will tell them they've got a wrong password.

However, this only applies to smtp-auth emails.
Emails sent locally via php mail() or other local scripts to /usr/sbin/sendmail still get placed into the queue, but won't send out until the usage count is reset.

Related:
http://help.directadmin.com/item.php?id=514

John
 
You must log in or register to reply here.
Back
Top