On 07/13/2016 12:08 PM, Hardy wrote:
> On 13.07.2016 06:07, Flan AlFlani wrote:
>> My log is flooded with those spam attemps and I wonder if there is a ACL can stop those attemps.
>
> These are not attempts, but successful misuse of your server as an open relay! 1st example:
>
@Hardy:
his server must not be an open relay, since the spam ist delivered via P=esmtpsa
as you can see in his log excerpt.
So it seems to be a compromised account
@Flan:
change/lock the password for faisal.alazemi@???
or (if this is not possible) write at least a condition rule
within your exim authenticator or an ACL rule within acl_smtp_rcpt.
Within your authenticator you may set "server_set_id"
which gives you the login name of the authenticated user.
Regards,
Olaf
--
Karlsruher Institut für Technologie (KIT)
ATIS - Abt. Technische Infrastruktur, Fakultät für Informatik
Dipl.-Geophys. Olaf Hopp
- Leitung IT-Dienste -
Am Fasanengarten 5, Gebäude 50.34, Raum 009
76131 Karlsruhe
Telefon: +49 721 608-43973
Fax: +49 721 608-46699
E-Mail: Olaf.Hopp@???
atis.informatik.kit.edu
www.kit.edu
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
Das KIT ist seit 2010 als familiengerechte Hochschule zertifiziert.