> From: Yves Goergen > Recently somebody misused one of the accounts on my mail server to send > out large amounts of spam. Reading the logs, it came all from a single > IP address, in a single SMTP connection. > > I found the following log line: > > no immediate delivery: more than 10 messages received in one connection
> The queue had over 300,000 files when I had to apply some black magic to > delete it completely. If you had used https://github.com/Exim/exim/wiki/BlockCracking , less than hundred spam messages would have been queued, then abused username+password would have been automatically disabled, next spams not accepted. > The user's inbox had over 20,000 error messages It'd have 100 error messages (or less if multiple recipients per spam message). > I don't want to > face that situation ever again even if an account is misused. Did you hear of the page linked above? What do you think should be done for its promotion? -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
