|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Exchange/Microsoft SMTP Authenticated User spam?
From: Mark Webb-Johnson (security
network-box.com)
Date: Tue Oct 14 2003 - 20:08:42 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
We can confirm that we have seen a single occurance of this on
one site we installed our product into last week. A weak SMTP AUTH
username+password was the culprit, and the spam was coming from a
dial-up ISP in Brazil.
Regards,
Mark Webb-Johnson
On Wed, 2003-10-15 at 01:55, Mike Lewinski wrote:
> wirepair wrote:
>
> > We've had two calls in the past month regarding supposed authenticated
> > users sending out spam and using their external mail servers as
> > relays. I was just curious if anyone else has seen this type of activity.
>
>
> We have been seeing a lot of SMTP AUTH abuse, not just on Exchange but
> on any platforms that support it. The perpetrator(s) appear to be going
> after well known accounts with weak passwords (i.e. webmaster / webmaster).
>
> See also:
>
> http://www.merit.edu/mail.archives/nanog/msg15353.html
> http://groups.google.com/groups?selm=3F869683.3000303%40blackehlo.cluestick.org
>
>
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------
--
Mark Webb-Johnson <securitynetwork-box.com>
Network Box Corporation Ltd
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]