Re: [exim] Spamtrap harvesting idea using fake authenticatio…

Inizio della pagina
Questo messaggio è parte di questo thread:
M--\il thread completo ordinato per data
M-\MJan Ingvoldstad at <-
M\MMIan Eiloart at ->
Delete this message
Reply to this message
Autore: Cyborg
Data:  
To: Exim-users@exim.org >> \"<exim-users@exim.org>\"
Oggetto: Re: [exim] Spamtrap harvesting idea using fake authentication
Am 07.06.2013 00:45, schrieb Jan Ingvoldstad:
> On Thu, Jun 6, 2013 at 8:52 PM, Marc Perkel <marc@???> wrote:
>
>> Here's an idea I'm working on. Wondering if anyone else is interested in
>> participating.
>>
>> As you all know there are a lot of SMTP servers (inbound) where there is o
>> authentication option. And we all know that there are lots of hackers and
>> hack viruses that work on authenticated smtp servers looking for weak
>> passwords so they can authenticate and send spam.
>>
>> Suppose we reconfigured servers with no authentication configuration to
>> advertise that they take authentication and that you have a fake
>> authenticator that accepts any password.
>>
>

thats easy to do, and a blackhole router prevents them from actual doing
harm on the internet.
The used auth credentionals can be saved and blacklisted on your server
farm.

Of course this server should be standalone, so no real world issues can
interfere.

I like the idea, and it's so simple to archive.

Marius



Questo messaggio è stato inviato alle seguenti mailing lists:
Exim-users
Informazioni sulla Mailing List | Messaggi correlati		<-[exim] Different retry pattern based on destination or other factor - mailing list distribution[exim] someone posted an none working exploit for exim->
Tahini and Hummus and Cumin Development Archives amministrato da cumin AdminsLurker (versione 2.3)