qmail smtp-auth bug allows open relay
Margie Arbon
margie at mail-abuse.org
Wed Jul 16 02:29:09 UTC 2003
--On Tuesday, July 15, 2003 8:17 PM -0600 John Brown
<jmbrown at chagresventures.com> wrote:
>
> Nope, I thought it might be operational in nature. ergo
> spammers and others now scanning for qmail-smtp-auth patch
> users and using those weak sites as a relay.
>
I think this *is* operational in nature. FYI, we have found this
hack actively being used on seemingly secure qmail, exchange, IMail,
postfix servers run by admins with clue. And we have a pattern of the
same content and an apparent small set of source IPs. (I'm working
on that angle now)
Check your mail logs campers.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=
Margie Arbon Mail Abuse Prevention System, LLC
margie at mail-abuse.org http://mail-abuse.org
More information about the NANOG
mailing list