Tor-Einar Jarnbjo schrieb:
I'll leave it with that for the moment and "hope" that I'll experience a similar attack soon and get some more information out of the SMTP log.
I had a few rounds again today with spam relaying and thought I'd be kind enough to relay to you (haha) what happened. The spammer did indeed authenticate and probably managed to find the password of one of my user accounts (with a very common account name) using a dictionary attack. At least I've learned not to trust even clever people to choose a secure password.
I would however suggest that you increase the log level of the login auth command to info and add the authenticated user name to the log output. That would probably have saved me from lot of work to begin with.
Regards, Tor --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
