Video Screencast Help

Option to Rate Limit Outbound Messages to Specific Domains

Created: 19 Oct 2009 • Updated: 04 Jan 2013 | 4 comments
rtatz's picture
9 Agree
0 Disagree
+9 9 Votes
Login to vote
Status: In Review

Many domains like yahoo and wowway rate limit their inbound traffic when the receive large amounts of mail from a sender.  This becomes a problem when sending legitimate messages that need to be received in a timely manor.  It would be nice if the SBG could be configured to throttle messages to these domains so  one is not blacklisted or marked as SPAM.

Comments 4 CommentsJump to latest comment

Cricket17's picture

I'm regularly getting items in my outbound queues from Yahoo saying we are being rate limited.

0
Login to vote
drfred's picture
We agree in principle with this suggestion, especially if it were implemented as part of a more general rate limiting feature. We agree that being able to rate limit by recipient domain could reduce delivery delays to e-mail domains such as yahoo.com and aol.com, etc.
 
We’d suggest a more general implementation of a rate limit feature to include not just rate limiting by specified destination domains but also rate limiting by envelope sender. 
 
The underlying reason we make this suggestion is to provide a mechanism to combat the sending of undetected spam from web mail accessible local domain accounts that have been compromised via a phishing scam, from a bot on an infected workstation, or via some other unauthorized use of a local MTA that routes outbound mail via SBG.  
 
Numerous cases of webmail accessible compromised e-mail accounts can be found worldwide in education (colleges, universities, k-12 schools), government agencies, and ISPs. These accounts are often discovered only after tens or hundreds of thousands of spam messages that were not detected by Brightmail have already been sent. Having the ability to rate limit by sender, with appropriate exceptions, would both facilitate earlier detection and reduce the potential consequences to the institution, agency or company.  While the primary effortsshould and are targeted at preventing the compromises, such efforts will never be 100% effective. Hence post-compromise mitigation must be part of any strategy to combat this problem.     
0
Login to vote
Cricket17's picture

For the per-sender, I wonder if the rate limiting could be tied to LDAP policy groups?

0
Login to vote