Author: Cyborg Date: To: Exim-users@exim.org >> \"<exim-users@exim.org>\" Subject: Re: [exim] Spamtrap harvesting idea using fake authentication
Am 07.06.2013 00:45, schrieb Jan Ingvoldstad: > On Thu, Jun 6, 2013 at 8:52 PM, Marc Perkel <marc@???> wrote:
>
>> Here's an idea I'm working on. Wondering if anyone else is interested in
>> participating.
>>
>> As you all know there are a lot of SMTP servers (inbound) where there is o
>> authentication option. And we all know that there are lots of hackers and
>> hack viruses that work on authenticated smtp servers looking for weak
>> passwords so they can authenticate and send spam.
>>
>> Suppose we reconfigured servers with no authentication configuration to
>> advertise that they take authentication and that you have a fake
>> authenticator that accepts any password.
>>
>
thats easy to do, and a blackhole router prevents them from actual doing
harm on the internet.
The used auth credentionals can be saved and blacklisted on your server
farm.
Of course this server should be standalone, so no real world issues can
interfere.