In my case, the worst origins for these exploits was Brazil and Russia.
They are usually in the form of Pharmacy spams, but one was an outright hack.
I solved it by requiring an email application process by disallowing the username "*". This prevented uninvited guests or bots from signing up and dropping their spoor.
"I solved it by requiring an email application process by disallowing the username "*". "
process AND by disallowing ?
Just trying to make sure.
Also one of the reasons I wanted to have someone else host the script is for script updates which assumably would be done by a competent hoster.
Does that make sense?