Hi List.
I'm having a big spam problem. It seems that my users DB have been
compromised, and I'm receiving authenticated connections from outside, that
are used to send tons of spam. I have managed to identify some users and
changed there pwd. But as soon as I stop one user, they start to use
another.
Is there a way to forbid auth sessions on port 25? My clients use submission
port to send there messages.
I'm thinking to create to tcprules (one for port 25 and one for port 587).
But I don't know how to match auth sessions inside tcprules.
