SMTP authentication for broadband providers

• Previous message (by thread): SMTP authentication for broadband providers
• Next message (by thread): SMTP authentication for broadband providers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>Right now SMTP AUTH is a bit more useful because the mailer can directly
>identify the compromised subscriber.  But I expect this to also be
>short-lived.  Eventually the compromised computers will start passing
>authentication information.

SMTP AUTH and 587 might not be silver bullets but they can
shift the action into an arena where we can use bigger
clubs to beat the spammers. Right now, if someone sends
SPAM they are not breaking the law. However, if someone
compromises another person's computer, steals their authentication
credentials, transfers those credentials to another compromised
computer and then sends SPAM, they are clearly breaking the law.

They are also doing something that banks, credit card
companies and law enforcement agencies are very interested
in tracking down, namely the theft and transfer of 
authentication credentials. And if we get to the point where
people can rightly claim that 94.7% of SPAM is the direct
result of security flaws in Microsoft operating systems, then 
there is another big club in the form of the FTC and class
action suits that can be applied to the problem.

--Michael Dillon

• Previous message (by thread): SMTP authentication for broadband providers
• Next message (by thread): SMTP authentication for broadband providers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]