Security Incidents mailing list archives
Re: Exchange/Microsoft SMTP Authenticated User spam?
From: Kee Hinckley <nazgul () somewhere com>
Date: Tue, 14 Oct 2003 14:55:49 -0400
At 10:27 AM -0700 10/14/03, wirepair wrote:
We've had two calls in the past month regarding supposed authenticated users sending out spam and using their external mail servers as relays. I was just curious if anyone else has seen this type of activity. I crawled the archives
There are known to be ongoing attacks against weak passwords on Exchange servers (which apparently don't lock out attempts after multiple failures). The references I've seen speak of attacks on default Exchange mail accounts. I don't know if they've gone beyond that yet, although I can't imagine why they wouldn't.
-- Kee Hinckley http://www.messagefire.com/ Next Generation Spam Defense http://commons.somewhere.com/buzz/ Writings on Technology and Society I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Exchange/Microsoft SMTP Authenticated User spam? wirepair (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Mike Lewinski (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? wirepair (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Mark Webb-Johnson (Oct 15)
- RE: Exchange/Microsoft SMTP Authenticated User spam? Jerry Shenk (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Harlan Carvey (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Kee Hinckley (Oct 14)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Peter Moody (Oct 15)
- Re: Exchange/Microsoft SMTP Authenticated User spam? Mike Lewinski (Oct 14)