Port 25 - Blacklash

• Previous message (by thread): Port 25 - Blacklash
• Next message (by thread): Port 25 - Blacklash
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/27/05, Joel Jaeggli <joelja at darkwing.uoregon.edu> wrote:
> > In any event the malware is already ahead of port 25 blocking and is
> > leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain/
> 
> Really smtp-auth will solve it? or do most windows mua's cache your
> password?

They sure do cache the password.

But with smtp auth, the infected user is stamped in the email headers,
and all over my MTA logs, when a bot that hijacks his PC starts
spamming.

I can easily remove auth privileges for his account, and/or limit his
access to a walled garden till such time as he cleans up - without
taking the trouble to match timestamps of the spam + dig into radius
logs

Easier to identify, and easier to lock down, than unauthenticated access

--srs

• Previous message (by thread): Port 25 - Blacklash
• Next message (by thread): Port 25 - Blacklash
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]