On 4/27/05, Joel Jaeggli <joelja@darkwing.uoregon.edu> wrote:
In any event the malware is already ahead of port 25 blocking and is
leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain/
Really smtp-auth will solve it? or do most windows mua's cache your
password?
They sure do cache the password.
But with smtp auth, the infected user is stamped in the email headers,
and all over my MTA logs, when a bot that hijacks his PC starts
spamming.
I can easily remove auth privileges for his account, and/or limit his
access to a walled garden till such time as he cleans up - without
taking the trouble to match timestamps of the spam + dig into radius
logs
Easier to identify, and easier to lock down, than unauthenticated access
--srs
You forgot to add the ability to rate-limit by ip sender or by
authenticated user, all tools in bringing trojaned users under control.
