Is there a way to have postfix reject messages that are being sent out with bogus reply to addresses even if it is being sent out using an authenticated user/pass? For example: A user gets his machine infected with a virus/malware that harvests his user name / pass somehow. Now this program sends masses of emails out using the user/pass but having email@example.com for a reply address. Can I just kill all of these before they go out through filtering of some sort? I usually only notice these issues through some feedback loops with major email providers like AOL that I previously set up. In this particular case, when I cought it there were 60,000 plus messages in queue all from fake users at a correct domain that were authenticated senders. I usually change the password for the user, and lock it down to webmail access only until the issue is resolved. Unfortunately, that process may be too late to avoid getting the entire server on any blacklists. Any help would be greatly appreciated.