I'd like to get some opinions on different methods of detecting spammers on your servers. I don't want my upstream provider yanking my access due to spammers and me not closely watching whats happening on my servers.
Right now I plan on using Qmail and possibly tar-pitting excessive smtp usage. I'm also setting up iptables to block external smtp access. I'm also toying around with creating a script that will watch mail being inected into the mail queue over x minutes.
Any other ideas/suggestions would greatly be appreciated.