exim_mainlog monitor
Posted: 05 Jun 2007, 05:57
CSF already does a nice job watching the exim_mainlog file. Many of us have also setup WHM to not allow any domain to send over x amount of emails per hour. When a spammer gets on the server and attempts to do so it is logged in exim_mainlog. It would be a great help if CSF could also check for multiple failures of this limit by checking for excessive sending attempts as well. I think that this could be added easily and would be very helpful in getting these accounts removed before they can do more damage.
