Author: Jan Ingvoldstad Date: To: exim users Subject: Re: [exim] Spamtrap harvesting idea using fake authentication
On Sun, Jun 9, 2013 at 5:08 AM, Todd Lyons <tlyons@???> wrote:
>
> Even better: accept that 1%, store that info, and then wait for IP's
> to connect using that username and password combination (and either
> reject it or blackhole it, your choice) and use long delays for
> systems that connect with that user/pass combo.
>
> The resulting data will tie together methods/sources of password
> cracking with the exploited systems that try to abuse it.
As long as the list is purged once in a while, that should work okay.
