>>Well, spammers are trying to crack accounts through SMTP AUTH for quite a long time - this was mentioned in news more than once. >>Check following threads:
All that appears to be weak username/password attacks. The reports also all say it's against Exchange and they blame Exchange, not knowing that Exchange uses Active Directory and can therefore will block this sort of thing if your network is set up to block it. Anyway, I guess this is a decent way to attack any SMTP server as it is to attack any network at all. Do intrusion scanners test for weak SMTP AUTH credentials these days? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer [EMAIL PROTECTED] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
