[svlug] Figuring out who is spamming from my network???
Govind Tatachari
govind_tatachari at yahoo.com
Wed May 23 10:31:43 PDT 2007
Mark,
I tried to get my hosting provider to help me identify or provide details to
isolate identity of the spammer but no progress so far. The main problem seems to be that userID can be constructed (using any domainname) and used to send spam. Any spam prevention experts who can explain how to prevent this ??
Thanks,
G
Mark <msalists at gmx.net> wrote:
Hi,
I am trying to figure out who is using my server to send spam.
I got as far as finding the log entries in the qmail logs ("mail.info") and identical lines in the "messages" log.
However, there is no user ID.
How can I find out the user id that was used to authenticate during the SMTP session? I tried sending an email through the server
without authenticating and the server rejected it, so whoever sent the email must have authenticated. Unless there is a way around
the authentication that I am not aware of.
I also found the corresponding "START: smtp" log entry in the xinetd log, but no user ID here either.
Does qmail log who authenticates, and if not can I make it do it?
Thanks,
MARK
_______________________________________________
svlug mailing list
svlug at lists.svlug.org
http://lists.svlug.org/lists/listinfo/svlug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.svlug.org/archives/svlug/attachments/20070523/268bf4a7/attachment.htm
More information about the svlug
mailing list