Tor,
* Your smtpserver has 'authorizedAddresses' set to '127.*' which is
fine. However, this will allow any process running on your server to
send remote email without requiring SMTP authorization. Is it
possible you have a web app running on your server which is being
used by the spammer to send email?
Allowing localhost unauthorized access is on purpose, but I'm sure
that the webapps running on the same host are not causing the spam
relaying. First of all, all code in the webapps only allow one
recipient per message, second, James is logging the SMTP connection
from a remote IP address. This time, all connections came from a
virtual server hosted by a UK company.
Could you check your web server logs to see if you notice any web
activity from this same IP address at around the same time your James
logs noticed the spams?
If there is no sign of any activity then we can probably discount the
web-apps being misused.
Regards,
David Legg
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
