With modern adaptive mail gateways its increasingly hard for spammers to manipulate the system to send their spam which is good for all of us. There are however an increasing number of virii that steal passwords especially from email clients and with these passwords the spammers can then leverage the full capacity of the mail server, almost.

Hijack detection looks for sending patterns and when an account has a sudden increase in messages/minute that persists for more than an hour then the server will 'freeze' the account and create a ticket at the helpdesk automatically. When the account is frozen, it cannot send email, but it can receive it. 

Luckily this countermeasure is triggered very rarely but in the majority of times it is triggered we find that a mailbox password has been compromised and is being used to send spam.