> Charles Gregory wrote: >> To be truthful, I have been doing this by default here, as well, but >> find that it creates some problems for some users. So I am thinking >> about opening up SMTP-AUTH ports. Trouble is (and its semi-relevance to >> this list) I have to wonder if I am opening myself up to a significant >> risk of >> having one of my user's passwords hijacked and used to send spam? >> >> Will I be just opening up opportunities for spammers to use my server >> with stolen passwords, or is this a relatively rare occurence?
On 10.08.09 11:24, Rick Macdougall wrote: > I can't speak for others but at my main job (20K+ email accounts) it > happens about once every 2 month's or so. Some how the spammer gets a > hold of someone's password and either uses smtp-auth or webmail to send > out spam. > > How ever, I know of two other companies that I do consulting for where > it happens almost weekly (one of them, 4 different users in the past 2 > weeks). Both of these companies have their web presence and email > hosted on the same machine, so it would not surprise me if the passwords > had been some how compromised. Do they provide unauthenticated SMTP relay from their own IP space or not? Because if not, there's not much to compare. I found blocking user's account much easier than blacklisting the source IP, especially when it may change. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. There's a long-standing bug relating to the x86 architecture that allows you to install Windows. -- Matthew D. Fuller
