Hi! To the relay: Only allow your own subnet so send mail through the server. Disallow Mails send through it by users or faked users not in your domain. To the access.db Fill in the users to reject and you will have your piece. Using the firewall is useless if they change ip and someone is sending you a mail from there it will be blocked. Find the spammers ip if the header is not broken. If you don't inform the provider he will still send you spam and your server will be overloaded. Mail to abuse@provider.net of that provider. If they are not acting force them by saying you inform higher privileged institutions. We got a spammer that mailed each 5 minutes a virus infected mail to our server. I got rid of him by doing so. We use postfix because there are some settings to get rid of such spammers. Philippe