Am 04.03.2014 23:38, schrieb Homer Wilson Smith:
Change their password?
from my experience the only thing that really stops the spam
Maybe it's anoying for the account owner but it works most reliable.
Counting IPs might help also but what if the spammer uses the same src
ip for its garbage? Your server would be on blacklists and all clients
are affected.
So imho it's really better to change passwords, that case only one user
is affected.
Have a published abuse contact and react on complains promptly also helps.
To make it harder for the spammers to get login credentials we use
fail2ban which monitors maillogs for failed logins and blocks IPs after
X numbers of failed logins. The ban time we keep just some minutes, but
thats enough for most of the bruteforcers to go to another server
