Using Spamdyke and Qmail to Stop Outgoing SPAM
These applications work well together, but there is a loophole, which can be closed as follows.
First, force require-auth in spamdyke.conf by adding this line at the top:
On its own this will not work properly and will block incoming mail from external providers. So, we need to dynamically create a whitelist that spamdyke can work with. We use a PHP script as follows:
<download php script>
Run this script as a cron job every 15 minutes to gather updated email addresses from Plesk.
Spam that had been finding its way out through the loophole can now no longer be sent. You can check the blocked emails with this command:
grep "DENIED_AUTH_REQUIRED" /var/log/maillog
See how emails from eBay, PayPal, etc. are no longer being sent from compromised accounts?
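The grep above shows raw lines; this added example (not part of the original article) tallies the same DENIED_AUTH_REQUIRED entries per sender and origin IP, and lists denied recipients in one of your own domains, which points to an address missing from the generated whitelist. It assumes spamdyke's log lines carry `from:`, `to:` and `origin_ip:` fields; the function names, the sample lines and the `hosted.example` domain are constructed for illustration.

```shell
#!/bin/sh
# Tally spamdyke DENIED_AUTH_REQUIRED entries read from stdin.
# Assumed log layout: "... DENIED_AUTH_REQUIRED from: A to: B origin_ip: C ..."

# Print "count sender origin_ip" per sender/IP pair, busiest first.
denied_by_sender() {
    awk '/DENIED_AUTH_REQUIRED/ {
        from = "(none)"; ip = "(none)"
        for (i = 1; i < NF; i++) {
            if ($i == "from:") from = $(i + 1)
            if ($i == "origin_ip:") ip = $(i + 1)
        }
        n[from " " ip]++
    }
    END { for (k in n) print n[k], k }' | sort -k1,1nr -k2
}

# Print denied recipients in domain $1: hosted mailboxes the whitelist lacks.
denied_local_rcpts() {
    awk -v dom="$1" '/DENIED_AUTH_REQUIRED/ {
        for (i = 1; i < NF; i++)
            if ($i == "to:") {
                rcpt = tolower($(i + 1))
                if (substr(rcpt, index(rcpt, "@") + 1) == tolower(dom)) print rcpt
            }
    }' | sort -u
}

# Constructed sample lines, not taken from a real server.
sample_log() {
cat <<'EOF'
Mar  3 10:00:01 host spamdyke[2101]: DENIED_AUTH_REQUIRED from: service@paypal.example to: a@remote.example origin_ip: 203.0.113.7 origin_rdns: (unknown) auth: (unknown)
Mar  3 10:00:04 host spamdyke[2102]: DENIED_AUTH_REQUIRED from: service@paypal.example to: b@remote.example origin_ip: 203.0.113.7 origin_rdns: (unknown) auth: (unknown)
Mar  3 10:02:11 host spamdyke[2110]: DENIED_AUTH_REQUIRED from: friend@provider.example to: info@hosted.example origin_ip: 198.51.100.20 origin_rdns: mx.provider.example auth: (unknown)
Mar  3 10:02:30 host spamdyke[2111]: ALLOWED from: friend@provider.example to: sales@hosted.example origin_ip: 198.51.100.20 origin_rdns: mx.provider.example auth: (unknown)
Mar  3 10:05:45 host spamdyke[2120]: DENIED_AUTH_REQUIRED from: noreply@ebay.example to: c@remote.example origin_ip: 203.0.113.9 origin_rdns: (unknown) auth: (unknown)
EOF
}

# Real use: denied_by_sender < /var/log/maillog
sample_log | denied_by_sender
sample_log | denied_local_rcpts hosted.example
```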