Lisa Muir wrote on 04.04.2014 16:28:
>
> Guys,
>
> I thought I had this one covered, all SMTP must be authenticated on
> our server.
>
> It is very evident from examining increased server load that we are
> being used as a SPAM relay and have not yet hit a blacklist.
>
> Looks like a website got hacked and an email account details must have
> been in there.
>
> For the life of me, when I search mail.log etc I can't find the
> username of the user who authenticated an SMTP session.
>
>
From Courier's changelog:
0.62.0
...
2009-05-02 Sam Varshavchik <mr...@courier-mta.com>
...
* courier/cdmsgq.C: Include authentication credentials in "newmsg"
syslog entries of messages that were submitted using authenticated
SMTP. Note that this changes the format of "newmsg" syslog entries.
So if your version is older than 0.62 search for authenticated user name
is useless. Probably you need to set ESMTP_LOG_DIALOG=1 in esmtpd config
file.
------------------------------------------------------------------------------
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
