My mailserver's normally locked down pretty tight, but today I chanced across a pretty serious spam onslaught. One of my AUTH passwords was guessed/hacked and my poor server was under a ceaseless wave of the filthy stuff: after disabling all passwords, 1,013 connections were refused in a two-minute span, each with some 25 email targets. I nuked 6,063 items from the QUEUE folder when it didn't seem like there was any end to the processing and sending of spam.
Which brings me to my question:
The logs show only AUTH LOGIN, but it doesn't say WHICH user logged in. Is there any way to tell?
It'd sure be handy if the login name was included in the logs...
<P>My mailserver's normally locked down pretty tight, but today I chanced across a pretty serious spam onslaught. One of my AUTH passwords was guessed/hacked and my poor server was under a ceaseless wave of the filthy stuff: after disabling all passwords, 1,013 connections were refused in a two-minute span, each with some 25 email targets. I nuked 6,063 items from the QUEUE folder when it didn't seem like there was any end to the processing and sending of spam.</P><P> </P><P>Which brings me to my question:</P><P> </P><P>The logs show only AUTH LOGIN, but it doesn't say WHICH user logged in. Is there any way to tell? </P><P> </P><P>It'd sure be handy if the login name was included in the logs...</P>