North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: qmail smtp-auth bug allows open relay

  • From: Margie Arbon
  • Date: Tue Jul 15 22:30:44 2003

--On Tuesday, July 15, 2003 8:17 PM -0600 John Brown <[email protected]> wrote:

Nope, I thought it might be operational in nature.  ergo
spammers and others now scanning for qmail-smtp-auth patch
users and using those weak sites as a relay.

I think this *is* operational in nature. FYI, we have found this hack actively being used on seemingly secure qmail, exchange, IMail, postfix servers run by admins with clue. And we have a pattern of the same content and an apparent small set of source IPs. (I'm working on that angle now)

Check your mail logs campers.

Margie Arbon Mail Abuse Prevention System, LLC
[email protected]