Re: Exchange/Microsoft SMTP Authenticated User spam?

["wirepair" <wirepair () roguemail net>]

Yup that was right on the money.
> For a while Ralsky had been using bluestell##, blueinfo## and
> propecia## as the localpart of the From address (with the domain
> being some bighost - usually msn.com or yahoo.com etc).
bluestell showed up as one of the names.... 
how the hell isn't this guy in jail?
-wire

On Tue, 14 Oct 2003 11:55:42 -0600
 Mike Lewinski <mike () rockynet com> wrote:
> wirepair wrote:
>
> > We've had two calls in the past month regarding supposed authenticated 
> > users sending out spam and using their external mail servers as 
> > relays. I was just curious if anyone else has seen this type of activity. 
>
>
> We have been seeing a lot of SMTP AUTH abuse, not just on Exchange but on any platforms that support it. The perpetrator(s) 
> appear to be going after well known accounts with weak passwords (i.e. webmaster / webmaster).
>
> See also:
>
> http://www.merit.edu/mail.archives/nanog/msg15353.html
> http://groups.google.com/groups?selm=3F869683.3000303%40blackehlo.cluestick.org

--
Visit Things From Another World for the best
comics, movies, toys, collectibles and more.
http://www.tfaw.com/?qt=wmf

---------------------------------------------------------------------------
----------------------------------------------------------------------------