Hi, I believe one of my servers is being attacked through one of my customers e-mail. Someone is basically sending e-mails to random accounts at his domain from random e-mail accounts from somewhere else. Each of their messages is coming from a unique e-mail address and a unique IP address. Now, we have some MailScanner installed and their dictionary ACL installed. So we are blocking tons of IP addresses, but they keep coming at us with new ones. We also have his default acocunt set to "fail:", however, they are hitting the server so hard that it doesn’t seem to be making any difference. They are basically taking this server offline with so many connections. I tried suspending his account, but that doesn't seem to make a difference either. Here is a quick snapshot of my exim_mainlog. I am seeing basically blocks like this every second: I don't know what to do next, and I was wondering if anyone had any suggestions?