Hi!
I have some users that are sending mails trough my mailserver (pop before smtp), i have enabled-roaming-users when i compiled vpopmail and it is working perfect now.
But i want to catch abuse if some user get a crasy idea and sends spam trough my mailserver, så i need extra info in my pop3 log
Today my startup script contains this:
# pop3 server:
echo -n "Starting pop: "
env - PATH="/var/qmail/bin:/usr/local/bin" \
tcpserver -H -R -v -l -c200 0 pop3 /var/qmail/bin/qmail-popup loke.yanet.dk \
/home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1 | \
/var/qmail/bin/splogger pop3d &
echo
it creates this in my logfile:
Dec 28 11:53:53 odin pop3d: 1072608833.464242 tcpserver: pid 31615 from 217.157.31.98
Dec 28 11:53:53 odin pop3d: 1072608833.464265 tcpserver: ok 31615 -c200:81.7.136.34:110 :217.157.31.98::32924
Dec 28 11:53:53 odin pop3d: 1072608833.560968 tcpserver: end 31615 status 256
Dec 28 11:53:53 odin pop3d: 1072608833.561047 tcpserver: status: 0/40
Dec 28 11:53:58 odin pop3d: 1072608838.572219 tcpserver: status: 1/40
Dec 28 11:53:58 odin pop3d: 1072608838.572299 tcpserver: pid 31617 from 217.157.31.98
Dec 28 11:53:58 odin pop3d: 1072608838.572320 tcpserver: ok 31617 -c200:81.7.136.34:110 :217.157.31.98::32925
Dec 28 11:53:58 odin pop3d: 1072608838.673983 tcpserver: end 31617 status 256
I need some info about wich username is doing the pop session....is it possible to get that kind off information
With the popuser in the log and the ipnumber sending spam, then i can find the user doing the abuse.....toherwise i have to drop the whole thing :-(
;-Peter Yanet.dk
