Security Incidents mailing list archives
Re: Exchange/Microsoft SMTP Authenticated User spam?
From: Mark Webb-Johnson <security () network-box com>
Date: 15 Oct 2003 09:08:42 +0800
We can confirm that we have seen a single occurance of this on one site we installed our product into last week. A weak SMTP AUTH username+password was the culprit, and the spam was coming from a dial-up ISP in Brazil. Regards, Mark Webb-Johnson On Wed, 2003-10-15 at 01:55, Mike Lewinski wrote:
wirepair wrote:We've had two calls in the past month regarding supposed authenticated users sending out spam and using their external mail servers as relays. I was just curious if anyone else has seen this type of activity.We have been seeing a lot of SMTP AUTH abuse, not just on Exchange but on any platforms that support it. The perpetrator(s) appear to be going after well known accounts with weak passwords (i.e. webmaster / webmaster). See also: http://www.merit.edu/mail.archives/nanog/msg15353.html http://groups.google.com/groups?selm=3F869683.3000303%40blackehlo.cluestick.org --------------------------------------------------------------------------- ----------------------------------------------------------------------------
-- Mark Webb-Johnson <security () network-box com> Network Box Corporation Ltd --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Exchange/Microsoft SMTP Authenticated User spam? wirepair (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Mike Lewinski (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? wirepair (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Mark Webb-Johnson (Oct 15)
- RE: Exchange/Microsoft SMTP Authenticated User spam? Jerry Shenk (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Harlan Carvey (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Kee Hinckley (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Peter Moody (Oct 15)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Mike Lewinski (Oct 14)