Waterproof prevention of spam from new users


Well-Known Member
Mar 13, 2004
Melbourne, Australia
cPanel Access Level
Root Administrator
I'm just wondering what people think of some ideas I have about preventing new users from spamming, and catching them quickly when they do. Since we're about to go to auto-fulfilment, I'm concerned spammers might send out enough spam to get us listed on ORBS/RBL or one of the more rapid-response lists and thus impact email from legitimate users, and cost me lots of work in getting us un-listed. I want to avoid that extra work which is a real killer!!

So, I'd like feedback on whether this is possible with Exim, and whether it's a good idea or useful.

The strategy I'm considering is:

1. New users are limited in how many emails they can send from localhost (assume I run under suPHP/phpsuexec) - probably 20 a day, maybe even 5 or 10.

2. New users exceeding the localhost outgoing limit get their entire messages saved or logged somehow. (Maybe only messages 20-30 get logged, after that 1 in every 10 messages gets logged or something, preferably randomly so it can't be outsmarted), or they just get blocked from sending emails. I can then review the logged messages and terminate easily and quickly if they are spamming. This would be in the TOS.

3. New users would be able to send much higher limits via SMTP into the external IP address from non-localhost IPs, but would still be blocked/logged after reaching a certain daily threshold.

4. New users are considered "new" for at least 30 days after subscription. Possibly users in a high-risk category when they sign up could have their email limited even further. (yes, I'm doing some anti-fraud assessment using maxmind and possibly callback via fraudgate).

How does this seem as an idea to you guys with more cpanel experience than I have? (that's not hard either!!).