Paul LUNETTA wrote: > Hi,
>
> I am pretty sure that i have a breach in my security.
> I doubled the capacity of SMTP accepted
>
> smtp_accept_max = 100 (instead of 50)
> smtp_accept_max_per_host = 50 (instead of 25)
>
> and it has been fullfilled while there was only 2 internal users connected !
>
> I made some "open relay" tests. All say "ok"
> How can I really test my security and/or trace these spammers ?
>
> Thank you if you can help and sorry for my poor english.
I note that in the original post (tho obfusicated), that a web
server was involved. Is there a rogue cgi which is being used
to submit mail perchance? You could check your web logs to
confirm.