SPAM from own customers

Richard Welty rwelty at
Tue Dec 2 19:53:25 UTC 2003

On Tue, 2 Dec 2003 14:32:16 -0500 Brian Bruns <bruns at> wrote:
> SMTP AUTH is becoming risky if its not carefully setup and monitored.  I can
> name one big time spammer who has warmed up to cracking weak passwords on
> e-mail systems that do SMTP AUTH.  Means you'd have to filter your outbound
> mail servers port 25 from anyone not inside your network or a trusted
> source.

not just weak passwords, but there are also obvious default, admin,
and guest accounts on some SMTP servers which are sitting there,
easily guessed, and they are indeed being taken advantage of.

Richard Welty                                         rwelty at
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security

More information about the NANOG mailing list