|Main Archive Page > Month Archives > postfix-users archives|
On 10/13/2010 05:53 PM, Dan Lannom wrote:
> At many Universities there is a continual problem with accounts being
> phished and used to send spam. We have a number of measures that
> catch stolen accounts but they take a little bit of time to block
> outgoing email.
> Ideally I'd like to hold email to either a new address or a new
> address,sender,sender ip triplet like greylisting uses. Even holding
> for a minute would give us enough time to lock the account and remove
> all incentives to phish our accounts (I hope).
> Is anyone aware of of a greylisting type policy server that can use
> a specific header, containing the sender ip, or one that just uses
> the destination address?
You could modify Postgrey to return HOLD instead of DEFER_IF_PERMIT.
Then, subject your submission service to the modified Postgrey.
Held messages can be released with a cron job.
(You may want to test that the auto-whitelist still works properly under