tracking smtp authentication

S

swebs

Guest
I have smtp authentication required on my server but it seems that someone might have figured out one of the users/password so that they can send spam.

when I look in the secure log I can see a lot of "START : smtp" messages.

How can I see or figure out which user is authenticating these session?

Is there somewhere in Plesk that I can turn on logging to see the TO and FROM in a log file to be able to determine if there is abuse going on?

Thanks in advance.
 
Back
Top