I have a rather delicate situation that I need advice on.
A person in our network is sending out excessive amounts of email through a single account (by establishing smtp connections with our ISPs smtp server) This is like 5000 emails in 8 hours!
We have a network switch, and then a PIX 515E and a Cisco 1721 router with a T-1 connection to the ISP. As you'd appreciate, the T-1 is being utilized by this person only. We have tried warning her but we can't do much because she's the wife of our chairman. We know what her internal ip is, but all internal IPs are Natted to an external ip at our pix, so we need to find a way to limit her bandwidth or number of smtp connections she can make at the pix level. Any ideas? thanks.