On Mon, 01 Jun 2009 23:01:41 +0800 W B Hacker wrote: ..<snip>... > > It should not be as easy for an attack to suceed as you claim - your > authentication may have holes in it. >
Bill, Just as a note, one of the "new" things that spammers have figured out is to use the account settings as defined in a computers email client; yes, everytime I have seen this happen the user has gotten one kind of malware or another on the system, normally things they have installed... Most people (whether they should or not) save the password so that they never have to type it in. Any way, once they have the account settings, they just send that information to other computers they have, and start sending things. And yes, I have seen some accounts, normally webmail accounts, get brute forced, but only when the passwords have been 4 characters or less, or when a password has been set as varation of the username. ..<snip>... -- --EAL-- -- -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
