On Fri, Jan 09, 2009 at 01:42:15PM -0600, David E. Smith wrote: > Scott Lambert wrote: > > Have your techs look at each cutomer's password every time they talk > > to a customer. The customer is already on the phone, "Dang, forgot my > > password again." Help them to choose a better password. > > Doesn't help, when the problem is their PC has keylogger software on it > that sends their new password off to Lower Elbonia.
It does help with the compromises. If the account is compromised twice, the customer has to bring in a "Doctor's note" saying that the system has been certified clean by some local, reputable, computer store, FOR THEIR PROTECTION, and yours. If a customer with a dirty computer refuses to clean it up and you don't remove their access, your mail servers will be blacklisted and all of your customers will be, hmm, let's call it slightly peeved? It can cost less to fire the customer. Customers often think they are "good with computers" and can use Windows Anti-Virus 2008/2009 to clean their own computer. We give them one chance to take care of it themselves. Then they have to have it done by a professional. After paying to have the computer cleaned a few times, they begin to believe us when we say that buying good anti-virus/spyware software, yearly, is cheap. Most of the relays via webmail or SMTP AUTH we have seen have been for users with stupid passwords, or users who fell for a phishing message. The compromised computers tend to send mail from their computer either directly or via our mail servers. The preemptive changing of weak passwords will head off a significant portion of successful relays. -- Scott Lambert KC5MLE Unix SysAdmin lamb...@lambertfam.org -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/