Port 25 - Blacklash
Suresh Ramasubramanian
ops.lists at gmail.com
Wed Apr 27 09:01:42 UTC 2005
On 4/27/05, Joel Jaeggli <joelja at darkwing.uoregon.edu> wrote:
> > In any event the malware is already ahead of port 25 blocking and is
> > leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain/
>
> Really smtp-auth will solve it? or do most windows mua's cache your
> password?
They sure do cache the password.
But with smtp auth, the infected user is stamped in the email headers,
and all over my MTA logs, when a bot that hijacks his PC starts
spamming.
I can easily remove auth privileges for his account, and/or limit his
access to a walled garden till such time as he cleans up - without
taking the trouble to match timestamps of the spam + dig into radius
logs
Easier to identify, and easier to lock down, than unauthenticated access
--srs
More information about the NANOG
mailing list