But the second one still a problem and still that spammer can access your local users and send them his mails... The question now, is there any wayor method to prevent such spammer from using the second case??
"Prevent" abuse is pretty hard when you're dealing with AUTHed users.
"detect" abse is necessarily after the fact and would be by tabulating log events like:
connects by ip
auth's by user
messages sent auth'd user.
messages sent per SMTP session (spammers like to send many msgs per SMTP session but they know not to try to send 100's, usually they stop at under 30, ime).
smtp sessions with multiple RCPT TO (and from which sender)
Len
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
