[Exim] Spammers using SMTP Auth

Pàgina inicial
Aquest missatge és part del següent fil:
M\l'arbre de fils complet ordenat per data
MM 
Richard Welty en ->
Delete this message
Reply to this message
Autor: Adam Moffett
Data:  
A: exim-users
Assumpte: [Exim] Spammers using SMTP Auth
Just a little warning about spammer's trickery.

Apparently I've relayed 250,000 or so spam emails this month.

We had a user named "test" with a password of "test"...the account
belonged to a real customer, and the spammer(s) were authenticating as
this user.

One example:
2003-10-22 00:39:21 1ACAlz-0005uc-Cv <= ayaa@???
H=(smtp0632.mail.yahoo.com) [61.11.80.192] P=asmtp
A=plaintext_login:test S=4029
2003-10-22 00:39:45 1ACAlz-0005uc-Cv => lucas_81_au@???
R=dnslookup T=remote_smtp H=mx2.mail.yahoo.com [64.156.215.6]
2003-10-22 00:39:56 1ACAlz-0005uc-Cv Completed

We haven't been requiring email users to have strong passwords, we
thought since they aren't real users on the server that they really
couldn't do much damage to us by having a weak password (only to
themselves)....but we're considering having a strong password policy now.



Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-[Exim] Multiple SSL certificatesRe: [Exim] Spammers using SMTP Auth->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)