Relaying question

  • From: "Allen, Chris" <CAllen@xxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 26 Sep 2003 09:34:14 -0400

Per SpamCop and SpamHaus, "Spammers are taking advantage of weak
passwords on systems using smtp/auth and brute force finding
name/password combinations that work and then sending spam thru these
servers. There are various characteristic footprints for this and one of
them is the use of a "from" address of the format bluestallnn@some legit
ISP and the "nn" iterates in each successive spam.

bluestelllf@xxxxxxx
bluestellpg@xxxxxxxxxxx
bluestelluf@xxxxxxxxx "

My question is this: if I uncheck "Allow all computers which
successfully authenticate to relay, regardless of the list above", will
this effectively stop brute force attacks on weak passwords as far as
Exchange is concerned, and what will this break?

I am also taking measures by blocking their entire block of IPs. The
ranges are as follows:

211.158.32.0/20
211.158.48.0/21
211.158.80.0/20
219.153.144.0/20
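
The footprint quoted in the post (one sender stem with an iterating two-character suffix, relayed through an authenticated account) can be checked for once the authenticated account and MAIL FROM address have been pulled out of the SMTP logs. The Python below is an added example, not part of the original post; the record layout, account names and domains are constructed, and the function name and thresholds are assumptions.

```python
from collections import defaultdict

# Constructed sample records (not real log data): each is
# (authenticated SMTP account, envelope MAIL FROM address).
SAMPLE_RECORDS = [
    ("jsmith", "jsmith@corp.example"),
    ("jsmith", "jsmith@corp.example"),
    ("backup", "bluestelllf@isp-a.example"),
    ("backup", "bluestellpg@isp-b.example"),
    ("backup", "bluestelluf@isp-c.example"),
    ("backup", "bluestellqa@isp-a.example"),
    ("mlist", "news01@corp.example"),
    ("mlist", "news02@corp.example"),
]


def find_iterating_senders(records, suffix_len=2, min_variants=3):
    """Return {account: {stem: sorted suffixes}} for accounts whose MAIL FROM
    local parts share a stem but vary in the last suffix_len characters."""
    seen = defaultdict(lambda: defaultdict(set))
    for account, mail_from in records:
        local, sep, _domain = mail_from.strip().lower().rpartition("@")
        if not sep or len(local) <= suffix_len:
            continue  # malformed, or too short to split into stem + suffix
        stem, suffix = local[:-suffix_len], local[-suffix_len:]
        seen[account.lower()][stem].add(suffix)

    flagged = {}
    for account, stems in seen.items():
        # Only stems with enough distinct suffixes count as "iterating".
        hits = {stem: sorted(sfx) for stem, sfx in stems.items()
                if len(sfx) >= min_variants}
        if hits:
            flagged[account] = hits
    return flagged


if __name__ == "__main__":
    for account, stems in find_iterating_senders(SAMPLE_RECORDS).items():
        for stem, suffixes in stems.items():
            print(f"{account}: {len(suffixes)} senders of form {stem}??: {suffixes}")
```

An account flagged this way is a candidate for an immediate password reset and a review of its authentication history.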

 
