I have a problem. One or more spammers, under the guise of Goody Two Shoes otherwise unknown, have signed up for services on my Plesk server. They have nice, innocent Web sites. What they have done is smart host their spam-spewing engines to use otherwise squeaky-clean mail accounts to send their spew, specifically to AOL. What is the way to trace a particular spam to a particular SMTP-authenticated mailbox in this version of QMAIL? I want to close the account that is smart-hosting the spammer. I've looked in all the logs, and find zero way to correlate a given message to a single mailbox (username@domain) -- the best I've been able to do is to guess which of two hundred accounts may be involved in the smarthosting. Of course, AOL is blocking some of my Plesk servers over this, which is raising holy hell with the REST of the mail on the servers. QMail simply can't handle thousands of 451 responses. I've tried blocking the ultimate source addresses, but the growing use of trojaned systems to send such stuff makes the IP approach virtually useless. I was able to stop one smart-hoster only because he was too stupid to disguise his PlanetIT IP address. Others are doing a marvelous job.