ok - but help me here.....

let's say we find a spammer who is in the process of using a compromised 
account. he's authenticated from one or more ip addresses and is 
actively sending.

we change the account password (and suspend the account?).

how do we shut down the active sending sessions?

david camm
advanced web systems
keller, tx


On 5/10/2015 4:18 PM, Surgemail Support wrote:
> On 5/8/2015 4:27 PM, Frank Bulk wrote:
>> HTML clipboard
>>
>> Chris,
>>
>> Thanks, I’m glad to hear about these improvements.
>>
>> Just to be clear, when you write “changing the password on an account 
>> will also abort any existing 'smtp' sesssions so sending cannot 
>> continue” you mean any _incoming_ SMTP traffic for that account will 
>> be aborted, not any outgoing messages that were already submitted 
>> into the outbound queue, correct?  If so, that would be my desired 
>> and preferred behavior.
>>
>
> Yes it will abort the incoming connections only.
>
>> Will the “delete_contains” match up with the SMTP AUTH user?  I know 
>> that idx messages that are in the outbound queue have this in the 
>> Surgemail “header”:
>>
>> user: <email address>
>>
>> Will “delete_contains” match on that?
>>
> Yes.
>     ChrisP.
>