On Wed, 2010-09-08 at 19:33 +0200, Juergen Edner wrote: > thank you for that hint. Unfortunately it's not always the same > IP address. Based on a friends log file 145 different addresses > have been used until now. > One my friends pointed me to the following thread which exactly > describes the same problem: > > http://blog.windfluechter.net/content/getting-hit-spammer-exim
You did see this reply, didn't you? http://lists.exim.org/lurker/message/20100907.201156.8e7345b2.en.html The problem here is that there's a plethora of pages describing Exim configuration out there, most of which are nothing whatsoever to do with Exim itself having been put there by enthusiasts - not that there's anything wrong with this. However, if someone put up something with a corner case like you have, and it became widely accepted, then spammers are going to learn sooner or later that trying an invalid user with a NULL password might work. I'll make a point of checking the docs and the wiki to ensure it isn't coming from here, but you need to make the changes described above. In terms of it being a "bug" - it isn't. It's a misconfiguration, and now we need to determine where that came from. Graeme
signature.asc
Description: This is a digitally signed message part
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
