My server is being used to send phishing mails. It is not an open relay, and all the tests I've done confirm that it is secure. That means that whoever is using it to relay must be authenticating, possible through a weak password. So how can I get the mail log to record which authenticated user is sending each mail? Alternatively, is there a way to look at mail passwords (to look for a weak one) Failing that, how can I disable authenticated SMTP sending?