On Friday 22 October 2004 06:17 am, Walter Souto R. Junior wrote: > Hi, > > I have one of my users using my server to send spam (I think). The > messages came from 200.78.38.103. When I figure that out, I just block him > and bring my server back... So how can I see what account on vpopmail did > used to do this kind of thing? I have only auth-smtp, and just accept > messages from one of my domains, that are about six and nothing more. I'm > afraid that I don't have vpopmail logs, perhaps I did install vpopmail > without them, so...
the smtp auth patch you use should be putting a header in the email saying who
sent it.. check for that header, and shut the guy off.
-Jeremy
--
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
[EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
GnuPG Key ID: 481BF7E2 ++ scriptkitchen.com/kitchen.asc
pgpbOpoWACp4i.pgp
Description: PGP signature
