RE: How'd they do that?

• From: Andrea Coppini <AndreaCoppini@xxxxxxxx>
• To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
• Date: Mon, 15 Jul 2002 12:51:51 +0200

Could it be that LDAP is allowed to be accessed by the internet?

I'm not sure, but I think you can get the e-mail addresses of users using an
LDAP query without being authenticated.

The spammer could have used LDAP to retreive all e-mail addresses it can
find and send spam to those addresses.

-----Original Message-----
From: exchange@xxxxxxxxxxx [mailto:exchange@xxxxxxxxxxx] 
Sent: Sunday, July 14, 2002 12:57 AM
To: [ExchangeList]
Subject: [exchangelist] RE: How'd they do that?


http://www.MSExchange.org/

I have a question you say everyone got this message but did the message 
specifically send to their (your clients) email id or was it just a spam 
message? Check the header of the message and see who the recipients are.

At 10:50 AM 7/12/2002 -0700, you wrote:
>http://www.MSExchange.org/
>
>Thanks for the response, Frank.  I'm really new to Exchange.  Could you 
>go into more detail?
>
>-----Original Message-----
>Perhaps a mail-enabled security group (like perhaps Domain Users)??? 
>____________________ FRANK WAKELIN
>NETWORK ANALYST
>
>***********************************************************************
>*****
>This message is intended for the sole use of the individual and entity to
>whom it is addressed, and may contain information that is privileged,
>confidential and exempt from disclosure under applicable law.  If you are
>not the intended addressee, nor authorized to receive for the intended
>addressee, you are hereby notified that you may not use, copy, disclose or
>distribute to anyone the message or any information contained in the
>message.  If you have received this message in error, please immediately
>advise the sender by reply email and delete the message.  Thank you very
>much.
>
>------------------------------------------------------
>You are currently subscribed to this MSExchange.org Discussion List as:
>exchange@xxxxxxxxxxx
>To unsubscribe send a blank email to
$subst('Email.Unsub')


------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
andreacoppini@xxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')

Other related posts:

• » How'd they do that?
• » RE: How'd they do that?
• » RE: How'd they do that?
• » RE: How'd they do that?
• » RE: How'd they do that?
• » RE: How'd they do that?
• » RE: How'd they do that?
• » RE: How'd they do that?

1. Home
2. exchangelist
3. Archive
4. 07-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---