Rick Godwin of snowboard.com: I visited your website and I see that you allow anyone to sign up for free and get an instant email account on your server. You've opened Pandora's box and this is the result. Blaming IMail for this little disaster isn't quite fair.
I was able to sign up with totally bogus information, including the 'backup email' and found no requirement to confirm I'm a real person by email verification or anything else. I then took that garbage email account and the garbage password and your publicly available mail server of smtp.snowboard.com and plugged it into my outlook express and sent a quick test message to an alternate mail account and it went through perfectly. I could have just as easily plugged that info into any mail bomber program and used you as a relay without restriction. Webmail isn't your problem...scripting to the compose screen is actually the harder route. Blasting through SMTP given the username, password, and server is considerably easier. You've thrown all sense of security and authentication 'down the mountain' and effectively begged the world to use you as an authenticated relay. I don't know who your development team is, but I'm thinking you should fire them and tell us so that none of us make the mistake of hiring those idiots. Either they came up with the idea to do what you've done, or they did it on your order, but in either case they should've known better. This might have been avoided by putting new members on something like a 15-day probation membership and then offering them a fee-based email account on a credit card, using full address verification and security checks to limit fraud. Yes, you're getting blacklisted, and rightly so. If you shut that system off now, you 'might' get back in good graces and off the blacklists in 3-6 months, assuming you're prepared to do a considerable amount of begging and atonement for what you've done. Wait till your upstream provider gets wind of this and realizes that you've damaged them by poisoning the IP addresses assigned to you. That' a nice liability you've exposed yourself to and it may get you shut down and sued on top of everything else. Good luck. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
