How do you alert mail server operators who are smarthosting their e-mail through you that their outbound messages contain spam?
You don't let them falsify their envelope or headers to contain fields utterly unrelated to your own infrastructure, for starters. They try it, their mail bounces. It's a very rare piece of spam that actually comes from who it says it comes from anymore. Do that before thinking about rate-limiting or any other fanciness, and you've likely licked 90% of the problem right there. A smarthost with a strong "sense of self" backed up by port-25 rules is exactly what I'm talking about, and if certain large providers ever *read* their abuse boxes they'd find the same advice from me in more than one instance followed by a clear example of why. _H*