I have installed Exim onto a new Linux-based server that I have just set up,
and am very happy with it so far.
I want to be able to allow users of local machines to be able to use it as a
relay to send outbound mail - this part is easy. The tricky part is that
some of the local machines are public-access machines. Potentially somebody
could use a public machine to relay thousands of messages out through Exim.
I have set recipients_max=100 and recipients_max_reject=true already, but
that only limits the number of recipients in each single message. Is there
any mechanism for limiting the number of messages a local host can send out
in a set time, for example?
This problem would seem to be similar to an ISP with dialup users - the
dialups would be considered local and allowed to relay through Exim, but the
ISPs wouldn't want their dialups to be able to send spam to the outside
world.
How do the big ISPs do it? Are there some rules that can be put in place to
reject spams like this?
I always like to think of the worst that can happen, and try to ensure that
it never actually will..! :-)
