qmail logging and IP throttling

Hi,



With: #cat /var/log/qmail/current|tai64nlocal|more

I can see that an outside spammer is forging From headers by using an inexistent anonymous@mydomain.com email address.

However, I can not see his IP in my qmail log and I would like to implement easy tracing solution. Can someone point to
the right qmail patch?


2004-02-28 09:50:00.333992500 info msg 50426814: bytes 402 from <anonymous@mydomain.com> qp 8271 uid 0
2004-02-28 09:50:00.346255500 starting delivery 246: msg 50426814 to local mydomain.com-root@mydomain.com
2004-02-28 09:50:00.346259500 status: local 1/10 remote 0/20
2004-02-28 09:50:00.516702500 delivery 246: success: did_0+0+1/
2004-02-28 09:50:00.516707500 status: local 0/10 remote 0/20
2004-02-28 09:50:00.516709500 end msg 50426814
2004-02-28 10:00:01.001969500 new msg 50426814
2004-02-28 10:00:01.001973500 info msg 50426814: bytes 488 from <anonymous@mydomain.com> qp 8334 uid 89
2004-02-28 10:00:01.032646500 starting delivery 247: msg 50426814 to local mydomain.com-vpopmail@mydomain.com
2004-02-28 10:00:01.032650500 status: local 1/10 remote 0/20
2004-02-28 10:00:01.032652500 new msg 50430369
2004-02-28 10:00:01.032654500 info msg 50430369: bytes 402 from <anonymous@mydomain.com> qp 8336 uid 0
2004-02-28 10:00:01.096498500 starting delivery 248: msg 50430369 to local mydomain.com-root@mydomain.com

I am also thinking to collect this IP's addressed to or from non-existent local users and throttle their delivery to a
very slow rate (few bits per second). Had anyone implemented this?

Is there any implementation to collect this kind of IP's in a MySQL database?

How can I implement an automatic reporting system to and automatically submit this spam messages to abuse.net, RBL or
similar?




Thank you,

Chris P.