[Exim] Spammers using SMTP Auth

Páxina inicial
Esta mensaxe é parte do seguinte fío:
M\Árbore completa do fío ordenada por data
MM 
Richard Welty o ->
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Adam Moffett
Data:  
Para: exim-users
Asunto: [Exim] Spammers using SMTP Auth
Just a little warning about spammer's trickery.

Apparently I've relayed 250,000 or so spam emails this month.

We had a user named "test" with a password of "test"...the account
belonged to a real customer, and the spammer(s) were authenticating as
this user.

One example:
2003-10-22 00:39:21 1ACAlz-0005uc-Cv <= ayaa@???
H=(smtp0632.mail.yahoo.com) [61.11.80.192] P=asmtp
A=plaintext_login:test S=4029
2003-10-22 00:39:45 1ACAlz-0005uc-Cv => lucas_81_au@???
R=dnslookup T=remote_smtp H=mx2.mail.yahoo.com [64.156.215.6]
2003-10-22 00:39:56 1ACAlz-0005uc-Cv Completed

We haven't been requiring email users to have strong passwords, we
thought since they aren't real users on the server that they really
couldn't do much damage to us by having a weak password (only to
themselves)....but we're considering having a strong password policy now.



Esta mensaxe foi enviada ás seguintes listas:
Exim-users
Información da lista | Mensaxes recentes		<-[Exim] Multiple SSL certificatesRe: [Exim] Spammers using SMTP Auth->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)