Re: [exim] Spammer problems Need help

Pàgina inicial
Delete this message
Reply to this message
Autor: Andreas Steinmetz
Data:  
A: Mike Ramirez
CC: Exim User ML
Assumpte: Re: [exim] Spammer problems Need help
Mike Ramirez wrote:
> On Fri, 2004-10-08 at 13:57, Leonardo Boselli wrote:
>
>>Il 8 Oct 2004 alle 13:50 Mike Ramirez immise in rete
>>
>>>But the thing is we think its a user on the system but
>>>can't find anything hard to say it is him and take action.
>>
>>What does say the log ? you should know what is the host sending
>>spam, and then tracing the user using it at that time (al blame the
>>administrator of that host)
>
>
> Logs say its nobody@???, I have gotten to the user but I
> can't find anything specific that says its him. I found the dir
> originating but nothing there. guy cleans up his tracks nicely.


Not a direct solution, but what about enforcing asmtp? If your spammer 
needs to authenticate it will be hard for him to cover up. For locally 
sent mail use modified applications that collect system information 
prior to sending of the mail. If necessary use mandatory access control.
-- 
Andreas Steinmetz                       SPAMmers use robotrap@???