Tracing down a spammer

Tracing and tracking.

Question is:

If you suspect your web (whether www,http,httpd user )
how can you do a header check and pin where the source of
spam is coming from?

All I need is a check that will send to local users - go ahead
and if to a massive amount of users WITHOUT a local
user REJECT as spam.

Where can I put this?


Re: Tracing down a spammer

By Wietse Venema at 04/26/2010 - 13:27

The Doctor:

You look in the WEB SERVER LOGFILE, and find the web request that
exploits your server.


Re: Tracing down a spammer

By Jeroen Geilman at 04/26/2010 - 13:13

...of what ?
If you mean you suspect a local user of your web server of sending out spam,
implement proper local sender restrictions by measures such as limiting which
system users can use sendmail submission.

Header checks will rarely, if ever, tell you where spam comes from.


It's generally a good idea to limit the number of recipients anyway.

How do you mean, "without" ?

I'm entirely unclear what you're trying to prevent here.

See <a href="" title=""></a> for a good introduction
to postfix anti-spam measures.