Author: Nico Erfurth Date: To: Tim Jackson CC: exim-users@exim.org Subject: Re: [Exim] Using ACL to block spaam... possible?
On Sun, 23 Mar 2003, Tim Jackson wrote:
> To be fair, that's a fairly subtle mistake of the kind that any of us
> could probably make on a bad day, so I apologise for being slightly abrupt
> yesterday. Assuming however that the small change above gets the
> unrestricted relaying sorted, let us know if you have any further problems
> with getting SMTP AUTH working. Take care to make sure that you can't
> authenticate by using an empty username or password, as that seems to be
> something that happens quite often, and there additionally seems to be
> some evidence that spammers are starting to exploit it.
I've tried to contact the ORDB-people one week ago, to add a check for
this, but no reply yet :-/
I think we'll see this happen very often in the next time, so we should
take countermeasures BEFORE this becomes a problem.