I've been following this post.office spammer thread with some interest.
Here's an idea:
Set up a machine as a mail forwarder (only), and point MX to it. Use
only a hosts file for name resolution (disable DNS) so that the only
machine the forwarder can look up by name is the "real" mail server.
Make sure the hosts file includes an entry for the domain itself that
points to the real mail server. Any SMTP for your system goes through
through the forwarder to the real mail host, and any mail hitting that
"inbound" mail server for other mail servers dies as undeliverable.
Then block tcp:25 in to your "real" mail server. It's kludgy but it may
work for some of you with a spare machine and a few hours of time.
It does nothing to actually fix the core problem, i.e. buggy software
and poor support, but I'm offering this suggestion for those of you
pushed against the wall by this.
-- +|Daryl S. Banttari, CNE|mailto:email@example.com|http://www.2ndlevel.net/daryl|"Talk does not cook rice" - Chinese proverb|'Good things come to those who wait, but only the things left by | those who hustle.' - Abe Lincoln|'A candle loses nothing by lighting another candle' - Fr. James Keller|'There is a diminishing return on caution' - Me+