Re: Metermaid & Slowing a Spammer with credentials
Hi Marc, all,
On 28.03.2012 22:25, Marc Chametzky wrote:
>> I am testing with this below ( on the tcp_submit channel) and while it
>> is working Metermaid ONLY sees submissions for one msg when I add more
>> addresses to the cc and bcc lines, even though the MTA log shows
>> multiple separate submits. I'm trying to create a scenario where a
>> user sends to many users with one send by using the bcc column.
> Now you're talking about recipients, not transactions.
> MeterMaid can work on that, too. Simply put your callout to MeterMaid in
> a table like ORIG_MAIL_ACCESS and you can count the number of recipients
> sent from a certain address.
I'd also like to extend our metermaid use from counting mails
(FROM_ACCESS) to counting recipients for obvious reasons.
Sadly, we currently still need to provide 'free' selection of from mail
addresses to our clients (identity management is not up to deal with
this kind of relationship), so I need to block the easy escape of using
different addresses to trick counting in order to have a robust benefit
and prevent joe-jobs.
As far as I did see, there is no 'auth-from' or otherwise suitable piece
of information available in ORIG_MAIL_ACCESS to ensure doing the
counting based on authentication information - with the exception of
using 'auth-from to envelope from' rewrite ($J) in FROM_ADDRESS.
Rewriting might be an option to cure this but it is likely to have other
downsides such as exposing individuals sending on behalf of a role
address which event might give rise to other issues downstream, say
spamscanner being picky about env-from and hdr-from differences.