Code Crafters

We recently got blacklisted by Outlook/Hotmail after a users account was compromised and used for namespace mining to send spam to Hotmail etc, we're currently jumping through the hoops with the outlook support team to get de-listed but basically I'm after any advice to help minimise this happening again?

Currently users can send a maximum of 500 mails per day set within group settings and they also need to authenticate with username and password for SMTP, what other measures can we implement to combat this problem when someone's account is compromised, I was hoping there might be a setting somewhere which would block an account if found to be sending mail to X number of unknown recipients but don't think there's an option to do that.

Big mail servers like Hotmail block any mail from ISP assigned or dynamic IPs. To get round this you can add a static route in outgoing mails for Hotmail.com and other domains which relay via your ISPs SMTP server which will be more trusted.

There are user group and SMTP settings to limit the number of mails sent per user / IP respectively to help stop abusive SPAMing by your users.