1 Topic by lucasglijander (edited by lucasglijander 2017-03-03 19:59:07)

  • lucasglijander
  • Member
  • Offline
  • Registered: 2017-03-03
  • Posts: 1

Topic: Questions about new iredmail install

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.6
- Linux/BSD distribution name and version: Debian 8.0
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

I work for a small WISP that wants to offer email service to its suscribers (around 400 people).

I'm testing a virtual machine with Debian 8.0 and the default iredmail install.

I like it a lot but I wondered how secure it is against internal spam.

What I mean is that if one of the suscriber gets its credentials stolen (by virus, malware, ...), can the default iredmail config prevent the massive spam that such theft could generate.

I don't want the mail server IP to be blacklisted in spam lists because of what some random suscriber does at home.

Any thoughts on this?

Thanks in advance.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Online
  • Registered: 2009-05-06
  • Posts: 31,190

Re: Questions about new iredmail install

lucasglijander wrote:

What I mean is that if one of the suscriber gets its credentials stolen (by virus, malware, ...), can the default iredmail config prevent the massive spam that such theft could generate.

No.

A mail account used by cracker or the original owner is no difference to your iRedMail server. What you can do is setting a default throttle setting for all users, for example, 60 emails per hour, to avoid the cracked account sending out too many spams.