>Since we switched to Imail, we've had an increase in spammers. The spam
>mails are sent to specific user accounts. For example, the spam will be
>sent to the account [EMAIL PROTECTED] (just an example user). Does
>anyone know how they get a list of our users' ids
Spammers harvest email addresses from mailing lists and newsgroups,
and the archives of both.
>and how to keep this from happening?
don't participate on public mailing lists and newsgroups.
>We have the verify command disabled.
That's useful to block harvesting with the SMTP VRFY command. But it
doesn't stop a dictionary attack.
> Are there security holes
>in Imail?
I haven't see a report that crackers have cracked Imail's internal
user base. That approach seems pretty "expensive" for them, ie
illegal and time-consuming, since there are cdroms available (I get
spam selling me 70 million email addresses) and other, cheaper, much
larger sources than an Imail.
Len
http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 installable binary for NT4
http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
