First of all, you should increase your log level for SMTP to at least "problems" or 
"low level", let some of the traffic go through, and then examine your log to see what 
is happening.

But please clarify: is the traffic coming to your local accounts or is your SIMS 
server relaying traffic to other sites?

If the latter, check to see if you have SMTP AUTH enabled. Some spammers have been 
using SMTP AUTH to log into commonly-used but often poorly-secured accounts. (E.g., 
you may have created a "webmaster" account which is intended only to mirror mail to 
several other addresses.) If this is what is going on, you need to secure your 
accounts by giving them good passwords. Disable login for any account that doesn't 
need to have its mail checked, and disable the SIMS and OS password for any account 
that doesn't need to be used to send mail.

It's also possible that spammers will use check-then-send to send mail through 
poorly-secured accounts, so just turning off SMTP AUTH isn't a good solution.

Here's one Google Groups thread about the attempts to crack servers using SMTP AUTH:

http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&safe=off&th=1de9d4026abba074&seekm=3F325434.2050608%40uni.edu&frame=off

--Elliot Wilen

On Friday, September 5, 2003 6:16 AM, Bill <[EMAIL PROTECTED]> wrote:
>I am receiving tons of traffic through my SIMS email server, and it seems to
>be going through? It is like they are able to bypass the
>traps???
>
>Is there a hole in SIMS that is being exploited?
>
>I have all the spam traps on:
>
>1. relay for clients only
>
>2. Verify return paths
>
>3. Use Blacklists DNS Servers
>
>relays.ordb.org
>bl.spamcop.net
>list.dsbl.org
>mulithop.dsbl.org
>blackholes.intersil.net
>block.blars.org
>singapore.blackholes.us
>malaysia.blackholes.us
>nigeria.blackholes.us
>wanadoo-fr.blackholes.us
>sbl.spamhaus.org
>opm.blitzed.org
>relays.visi.com
>cn-kr.blackholes.us
>
>4. etc....
>
>Anyone else experiencing this?
>
>Thanks for any help in advance..
>
>
>Bill
>
>
>
>#############################################################
>This message is sent to you because you are subscribed to
>  the mailing list <[EMAIL PROTECTED]>.
>To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
>To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
>To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
>Send administrative queries to  <[EMAIL PROTECTED]>
>
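The log review suggested in the reply above, as an added example that is not part of the original messages: it attributes each relayed message to the account that opened the relay, via SMTP AUTH or check-then-send, and flags accounts relaying to many distinct domains. The log format, the function names and the 30-minute window are assumptions for illustration; real SIMS log lines look different and the regular expression would need adapting.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical key=value format (not real SIMS output).
SAMPLE_LOG = """\
2003-09-05 06:00:00 POP login user=info ip=198.51.100.9
2003-09-05 06:00:20 SMTP relay ip=198.51.100.9 to=a@example.org
2003-09-05 06:00:21 SMTP relay ip=198.51.100.9 to=b@example.net
2003-09-05 06:00:22 SMTP relay ip=198.51.100.9 to=c@example.com
2003-09-05 06:01:00 SMTP auth user=webmaster ip=203.0.113.7
2003-09-05 06:01:01 SMTP relay ip=203.0.113.7 to=d@example.org
2003-09-05 06:01:02 SMTP relay ip=203.0.113.7 to=e@example.net
2003-09-05 06:01:03 SMTP relay ip=203.0.113.7 to=f@example.com
2003-09-05 06:02:00 SMTP auth user=alice ip=192.0.2.10
2003-09-05 06:02:05 SMTP relay ip=192.0.2.10 to=g@example.org
2003-09-05 09:30:00 SMTP relay ip=198.51.100.9 to=h@example.org
"""
LINE = re.compile(r"^(\S+ \S+) (POP login|SMTP auth|SMTP relay) (.*)$")
WINDOW = timedelta(minutes=30)  # assumed lifetime of a relay grant

def relays_by_account(log_text):
    """Map (account, method) -> recipients relayed under that account's grant."""
    grants = {}  # client ip -> (account, method, time the grant was made)
    relayed = defaultdict(list)
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        when = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        fields = dict(kv.split("=", 1) for kv in m.group(3).split())
        if m.group(2) == "SMTP relay":
            account, method, granted = grants.get(fields["ip"], ("?", "none", when))
            if when - granted > WINDOW:
                account, method = "?", "none"  # grant expired: unattributed relay
            relayed[(account, method)].append(fields["to"])
        else:
            method = "smtp-auth" if m.group(2) == "SMTP auth" else "check-then-send"
            grants[fields["ip"]] = (fields["user"], method, when)
    return dict(relayed)

def suspects(log_text, threshold=3):
    """Known accounts that relayed to >= threshold distinct recipient domains."""
    out = {}
    for (account, method), rcpts in relays_by_account(log_text).items():
        domains = {r.rsplit("@", 1)[1].lower() for r in rcpts}
        if account != "?" and len(domains) >= threshold:
            out[(account, method)] = len(domains)
    return out
```

Accounts returned by `suspects` are the ones to give new passwords or have login disabled; relays under the `("?", "none")` key had no matching login and point to a different cause.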

