Hello,
Seems the csf is adding/blocking only port 25 and we have port 26 too which is causing the abuser to continiue sending:
Time: Fri Nov 21 18:34:32 2008 -0500
Type: AUTHRELAY, Remote IP - 66.201.176.126 (US/United States/-)
Count: 101 emails relayed
Blocked: Yes
Sample of the first 10 emails:
2008-11-21 18:28:22 1L3fQ3-0002O5-GH <= user@domain.com H=(66.201.177.132) [66.201.176.126] P=esmtpa A=fixed_login:user@domain.com S=118272 T="spam messages ..."
...
please add port 26 to be blocked as well on such an abuse.
Thanks.