Tis one of the reasons why I've disabled SMTP AUTH
on all of my servers for now. I've known about this for a few weeks
now. Its not surprising. Most of the servers cracked are Exchange
servers (probably thanks to weak passwords), but I still don't feel like taking
a chance.
Exchage does a horrible job of logging, which is
why they are probably being targeted. Most real SMTP servers (sendmail,
exim, postfix, qmail) log failed attempts in the maillog or via PAM (if they use
it).
--------------------------
Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.2mbit.com ICQ: 8077511
|
Title: Message
- New mail blocks result of Ralsky's latest attacks? Bob German
- Re: New mail blocks result of Ralsky's latest ... Brian Bruns
- Re: New mail blocks result of Ralsky's lat... Suresh Ramasubramanian
- RE: New mail blocks result of Ralsky's... Bob German
- Re: New mail blocks result of Ralsky's lat... Brian Bruns
- Re: New mail blocks result of Ralsky's latest ... Andrew D Kirch
- Re: New mail blocks result of Ralsky's latest ... Mike Tancsa
- Re: New mail blocks result of Ralsky's latest ... Suresh Ramasubramanian
- Re: New mail blocks result of Ralsky's lat... Steven Champeon
- Re: New mail blocks result of Ralsky's latest ... Steven M. Bellovin
- Re: New mail blocks result of Ralsky's lat... Suresh Ramasubramanian
- Re: New mail blocks result of Ralsky's lat... Fred Baker