Cyborg wrote(a):
sound very compilacted. iptables -A smtp -s {offendingip} -j REJECT Add a password change to it, as you always need to do that to keep them out and your done.
But I still would need to parse logs because usually the hijacked account is abused by botnet with many different IPs spread around the world. Parsing logs takes time and i/o.
regards -- Marcin Gryszkalis, PGP 0x9F183FA3 jabber jid:m...@fork.pl, gg:2532994 -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/