can you have the customer change his password? On Wednesday, October 9, 2002 10:55 AM, Andrey Fyodorov <[EMAIL PROTECTED]> wrote: >Hi all. > >I have a customer who is on a shared Imail server with ~1000 >other customers. > >Recently someone has been impersonating him and sending porno >spam. It is not a trivial impersonation - they are actually >able to relay mail via his Imail server from a computer >somewhere in Macedonia. The Imail server is set to "No mail >relay". So I guess the spammer is one of the 1000 other >customers on the same Imail server. Or someone who >hacked/sniffed a legitimate customer's username and password? > >I can only see one way to stop this impersonation - to create a >rule that will check the From and the IP address in the header. >The good customer always sends mail from the same static IP >address. > >I am trying to create an outbound rule. I have tried it on the >customer's virtual host as well as on the physical host. I >can't seem to make the rule work. > >The rule look like this > >If the From Address Contains customer.com >AND >If the Header Text Does not Contain xxx.xxx.xxx.xxx > >(where xxx.xxx.xxx.xxx is the customer's static IP address) > > >I also tried > >If the From Address Contains customer\.com >AND >If the Header Text Does not Contain xxx\.xxx\.xxx\.xxx > > > >What am I doing wrong? > >To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html >List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ >Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ >
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
