On Mon, 2009-06-01 at 14:55 +0200, Thomas kinghorn wrote: > My server is currently being used, via a compromised account, to send junk > to various freemail accounts.
There is only one thing you can do here to stop this from happening, and that is to change the account's password immediately and wait for the customer to contact you by phone with some verifiable credentials. The longer you leave the account open, even with clever ACL tricks, the longer your systems are open to abuse. And if you alert the scammer to the fact that you know the account is compromised, what is to stop them contacting you to get the password changed? It might seem brutal, but changing the password to something random so the account is inaccessible is the only secure way to deal with this. Graeme -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
