I have smtp authentication required on my server but it seems that someone might have figured out one of the users/password so that they can send spam. when I look in the secure log I can see a lot of "START : smtp" messages. How can I see or figure out which user is authenticating these session? Is there somewhere in Plesk that I can turn on logging to see the TO and FROM in a log file to be able to determine if there is abuse going on? Thanks in advance.