Re: [exim] 419 spammer - Help with AUTH ACL

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMThomas kinghorn at <-
MMike Cardwell at ->
Delete this message
Reply to this message
Author: Graeme Fowler
Date:  
To: exim-users
Subject: Re: [exim] 419 spammer - Help with AUTH ACL
On Mon, 2009-06-01 at 14:55 +0200, Thomas kinghorn wrote:
> My server is currently being used, via a compromised account, to send junk
> to various freemail accounts.

There is only one thing you can do here to stop this from happening, and
that is to change the account's password immediately and wait for the
customer to contact you by phone with some verifiable credentials.

The longer you leave the account open, even with clever ACL tricks, the
longer your systems are open to abuse. And if you alert the scammer to
the fact that you know the account is compromised, what is to stop them
contacting you to get the password changed?

It might seem brutal, but changing the password to something random so
the account is inaccessible is the only secure way to deal with this.

Graeme


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] 419 spammer - Help with AUTH ACLRe: [exim] 419 spammer - Help with AUTH ACL->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)