On Fri, 2013-08-23 at 16:00 -0500, Lindsay Haisley wrote: > > Do you mean you wouldn't have conceded the relay auth flag to that user > > of yours? Based on what, if you don't mind my asking? You may be able > > to estimate who is more likely to catch a key-logger, but there's no way > > to tell for sure... > > As a rule, I don't provide SMTP services to any FMP customers by > default. Since FMP is an IPP, not an ISP, I encourage users to use the > SMTP services provided by their ISPs.
It's interesting to note that the user whose auth tokens were compromised to use my mail server to send spam _was_ using her ISP's SMTP server for sending email, as I generally advise. Because of the programming hiccup, it happened that her POP3/IMAP credentials could also be used to access authenticated SMTP on the server, so the hack used to send spam was out-of-band and an exploit of a vulnerability on _my_ end as well as a virus on her end. -- Lindsay Haisley | "UNIX is user-friendly, it just FMP Computer Services | chooses its friends." 512-259-1190 | -- Andreas Bogk http://www.fmp.com | ------------------------------------------------------------------------------ Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users