On Tue, Feb 26, 2013 at 05:16:20PM +0200, Jamie wrote: > I unblocked the IP and the problem came back.
In another mail you said you'd used tcpdump. Why don't you set
tcpdump to record everything from that IP address, unblock the
IP address, wait faor a few spams to go through, block the
IP address, and analyze the tcpdump to see exactly what is
happening?
This should do it:
tcpdump -i $INTERFACE -s 0 -w /tmp/spammer.tcpdump host 113.167.239.162
