27 Apr
2005
27 Apr
'05
5:01 a.m.
On 4/27/05, Joel Jaeggli <joelja@darkwing.uoregon.edu> wrote:
In any event the malware is already ahead of port 25 blocking and is leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain/
Really smtp-auth will solve it? or do most windows mua's cache your password?
They sure do cache the password. But with smtp auth, the infected user is stamped in the email headers, and all over my MTA logs, when a bot that hijacks his PC starts spamming. I can easily remove auth privileges for his account, and/or limit his access to a walled garden till such time as he cleans up - without taking the trouble to match timestamps of the spam + dig into radius logs Easier to identify, and easier to lock down, than unauthenticated access --srs