SPAM from own customers
Richard Welty
rwelty at averillpark.net
Tue Dec 2 19:53:25 UTC 2003
On Tue, 2 Dec 2003 14:32:16 -0500 Brian Bruns <bruns at 2mbit.com> wrote:
> SMTP AUTH is becoming risky if its not carefully setup and monitored. I can
> name one big time spammer who has warmed up to cracking weak passwords on
> e-mail systems that do SMTP AUTH. Means you'd have to filter your outbound
> mail servers port 25 from anyone not inside your network or a trusted
> source.
not just weak passwords, but there are also obvious default, admin,
and guest accounts on some SMTP servers which are sitting there,
easily guessed, and they are indeed being taken advantage of.
richard
--
Richard Welty rwelty at averillpark.net
Averill Park Networking 518-573-7592
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
More information about the NANOG
mailing list