Hello, Today a customer's SMTP AUTH was brute-forced and as a result their VPS was turned into a spam relay. So, if you use SMTP AUTH to allow your users to relay through you, please do be aware that this is being scanned for and dictionary attacked just like SSH is, and consider what countermeasures you will take to avoid that happening to you. A fail2ban/denyhosts-style solution to lock out IPs with many failures may be necessary if you can't trust your users to pick decent passwords. Cheers, Andy -- http://bitfolk.com/ -- No-nonsense VPS hosting