Author: Georges Arnould Date: To: frank CC: exim-users Subject: Re: [Exim] [ Exim 3.36 ] SMTP AUTH hacked ?
> Just a thought, but are you sure that the relay came from outside your > sub-net? Is it possible that one of your internal systems was
> compromised in some way and that the internal system was used to send
> out the spam?
Nope : the spammers came from all over the world ... It seems that I have
progressively been discovered : a "huge spammer" (1600+ messages) came from
an IP, then others arrived and started to flood ... I never had spam before
: never received a single abuse (abuse@ routed to me and juste re-tested
:-)). Within one hour, I received 10 spammers that suddenly manage to send
mail through my system. My MTA could be misconfigured, but I am surprised
that so many spammers manage to bypass AUTH within a so short time !