Communications Express "webmail" limit number of recipients and messages

807574 Oct 16 2007 — edited Feb 11 2020

My client uses SUN messaging server to host nearly half a million mailboxes for its ISP customers.

Recently a couple of accounts have been compromised and been abused by spammers. What happened is actually quite clever. They used valid credentials to log into webmail (Communications Express), changed the customer preferences to include a signature (the spam message) with every message sent and a yahoo/gmail/hotmail reply-to address, and then scripted or manually added a large number of e-mail addresses to each message composed.

Every message composed can have up to a hundred recipient addresses in the TO: field, and then some more in the CC and Bcc fields.

As you can imagine that adds up to a lot of spam.

Now we can manually identify the offenders (lots of delivery errors, excessive amounts of outgoing messages), lock those accounts, block the source IP address if outside our own network ranges, and contact the customers to have them reset their passwords, but at that point in time tens of thousands of messages have already been sent.

If you can do it manually you can script it too, but then we're still one step behind. What I would like to do is to take some steps to at least limit the amount of damage a compromised account can do.

Are there settings to:
- limit the number of recipients a customer can add to a single message? (especially in Communications Express)
- limit the total number of messages a customer is allowed to send per hour/day? (especially from Communications Express)


Thanks in advance.



Versions range from Sun Java(tm) System Messaging Server 6.2-3.04 to 6.3-4.01
Post Details
Locked on Nov 15 2007
Added on Oct 16 2007
3 comments
265 views
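
The post notes that the manual checks (lots of delivery errors, excessive outgoing messages) could be scripted. The following is an added example, not part of the original post and not Messaging Server code: a per-account sliding-window check over submission records. The record layout, the sample data and both thresholds are assumptions made for illustration, and records are assumed to arrive in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records, NOT the Messaging Server log format:
# ISO timestamp, authenticated sender, recipients on the message, recipients that failed
SAMPLE_LOG = """\
2007-10-16T09:00:05 alice@example.net 2 0
2007-10-16T09:01:00 bob@example.net 100 3
2007-10-16T09:01:30 bob@example.net 100 9
2007-10-16T09:02:10 bob@example.net 100 12
2007-10-16T09:30:00 carol@example.net 15 0
2007-10-16T11:00:00 carol@example.net 15 25
2007-10-16T11:05:00 alice@example.net 1 0
"""

def flag_senders(lines, max_rcpts=200, max_failed=20, window=timedelta(hours=1)):
    """Return {sender: (first_flagged_at, reason)} using a per-sender sliding window.

    The thresholds are illustrative assumptions; tune them against normal traffic.
    """
    recent = defaultdict(deque)  # sender -> (timestamp, rcpts, failed) inside the window
    flagged = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed records
        ts = datetime.fromisoformat(parts[0])
        sender, rcpts, failed = parts[1], int(parts[2]), int(parts[3])
        q = recent[sender]
        q.append((ts, rcpts, failed))
        while ts - q[0][0] > window:  # expire events older than the window
            q.popleft()
        if sender in flagged:
            continue  # keep only the first time the account crossed a limit
        if sum(e[1] for e in q) > max_rcpts:
            flagged[sender] = (ts, "recipients")
        elif sum(e[2] for e in q) > max_failed:
            flagged[sender] = (ts, "delivery_failures")
    return flagged

if __name__ == "__main__":
    for sender, (when, reason) in flag_senders(SAMPLE_LOG.splitlines()).items():
        print(f"{when.isoformat()} {sender} exceeded {reason} limit")
```

Because the window slides per sender, an account is flagged at the record that crosses the limit rather than at the end of a fixed hour, which shortens the interval in which a compromised account keeps sending.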