>On 2012-11-14 17:29, Alessandro Vesely wrote: >> My server is smaller than yours. I block IPs after failed login, and >> until now I've hoped that to be enough. Might I ask you what amounts >> of time and attempts did the attacker need to break in?
On 14.11.12 20:16, Mark Constable wrote: >We've got a few thousand users and every now and then one will answer a >phishing spam with their login details and sure enough we'll see up to >100k spams go out from that account before we notice and change the >users password and clear the mailq with... I've used to track users replying to phishing addresses and warned them from doing so. In case of weak passwords or unability to contact the user by out hotline, I've requested changing passwords. I've also used to report such scams when they were e.g. on google docs. We have also multiple times warned users before providing their passwords to untrusted sites etc. While doing any kind of is just not enough, it often helps at least a bit. Unfortunately I haven't got to processing such phishes and creating clamav signatures or spamassassin rules to avoid such content (before leaving my former empyer. >https://raw.github.com/svarshavchik/courier-contrib/master/cancelmailq.sh > >Some kind of rate limiting scheme per user would be very handy. Something >like 10 seconds between outgoing connections, per user, would not impact a >normal single or a dozen or so CC'd messages (the sender would not notice) >but it could make the difference between a few 1000 (at most) or 100,000 >(or more) messages going out per user in any 24 hour period. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Fucking windows! Bring Bill Gates! (Southpark the movie) ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
