I have some problem with the way IMAL (8.x) handles SMTP-Auth email. A customer from us seems to have a compromised host, which sends Spam evry two weeks or so trough their local gateway
tell them that you will not relay outbound mail that has been submitted to their system without SMTP AUTH.
Since they are spamming you from a trusted IP, you show them your logs and shut them off until they fix their system. In the meantime, their own gateway can send directly to Internet and shift the problem onto them.
- which is relayed over our IMAIL Server. Their Mail server requires no authentification for their local hosts to send mail
I'd be surprised if a mail-bot/trojan in a compromised machine is doing SMTP AUTH to submit spam to their mail server. Their mail server is more likely doing relay for addresses.
Len To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
