I have recently reviewed this thread from back in January-March: https://supportforums.cisco.com/thread/2002325?tstart=60 . I have been facing the same predcament decrsibed be people in this thread. That being end user machines get compromised and then send out large volumes of spam via legitimate accounts on our servers. In our cases, the outbound from addresses have all been the actual user address. The end user environment is ActiveDirectory & Exchange.
If I cannot rate limit based on a sender address, then I am wondering if the 370D model would allow me to somehow define virtual gateways which would correspond to users found within a specific portion of my Active Directory environment. For example, if all sales dept. staff were within a single AD OU, could I create a virtual gateway that corresponds to just these people and have that gateway set with different rate limits than another gateway which corresponds to a different group of users?
Lastly, is it possible with any of the appliance models to define specific outbound rate limits for recipient domains? For example, messages destined for hotmail.com would have a different rate limit than messages destined for gmail.com. Would this functionality work with mixed recipient domains in the To: field?