Authentication with non existing email address - spam

[Petertjuh360]

Hello,

Since a few weeks I have a big problem on my servers. On some user accounts there is a lot of outgoing spam. The spam sender uses a non existing email address to authenticate (via SMTP) and can send lots of spam.

My questions:

1. How can the sender login with a non existing email address?
2. How can I prevent outgoing spam?

Thanks in advance

Kind Regards,
Peter

 

[scsi]

There is no way to authenticate that way. You must be mistaken.

 

[nobaloney]

Carefully check your logs. The sender may be using a non-existing email address, but if he's authenticating, he's doing it one of two ways: Either by a username or by POP before SMTP. Once you figure it out, block either the outgoing user email or the outgoing email account email, as applicable (generally by setting the daily limit to 1) and possibly change the password.

Then of course notify the user.

Jeff