While we have a way to throttle outbound traffic, is there a way to throttle inbound traffic or otherwise limit the # of concurrent SMTP sessions from an account?
We had an account compromised on Saturday morning at 6:30. By 9:00 when I found it, 331 spambots had connected to our server and dropped off over 321,000 spam messages for delivery.
The good news is we implemented throttling years back. All that went out was about 200 messages, and we killed the rest.
Would love to be able to restrict authenticated logins to a subset of country codes.