Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Francois Petillon via mailop
On 11/17/21 9:12 PM, Jarland Donnell via mailop wrote: > If you can get the passwords that are going around in these database dumps and > compare them to email accounts in your system, test those passwords against > their email accounts using automation, and then force a password change it if >

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Scott Mutter via mailop
Another thing that people maybe haven't thought of, and it's actually a wider issue than just email password compromises. A lot of people just don't care that much about their password security. The thinking is "what's someone going to do if they can log into my email account and read my emails?"

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Jay Hennigan via mailop
On 11/17/21 00:10, Hans-Martin Mosner via mailop wrote: Here I want to focus on hacked mail accounts. I can think of two major root causes but I have no idea about their relative significance: * Easily guessable passwords, with two subcauses for exploits: o Brute force authentication

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Jarland Donnell via mailop
There's an idea I've been toying with for a long time, and it's not particularly revolutionary. But almost no one is doing it this specifically, and I think it would be an excellent show of competency for anyone willing to go that slightly extra mile. If you can get the passwords that are

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Slavko via mailop
Hi, On Wed, 17 Nov 2021 13:31:50 -0600 Scott Mutter via mailop wrote: > Unless you are sending an encrypted password to your mail server (in > which case, the compromiser still has the necessary to log into your > email account) then this has to be decrypted somehow by the email >

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Hans-Martin Mosner via mailop
Thanks everybody for your insights and additional thoughts to consider. Indeed I didn't think of the phishing and password re-use scenarios, which are certainly responsible for quite a number of mail account hacks. My goal is to have some possibilities to list when contacting admins of systems

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Scott Mutter via mailop
>If one uses a good email client/browser, locally stored passwords are not a > problem as they are encrypted Unless you are sending an encrypted password to your mail server (in which case, the compromiser still has the necessary to log into your email account) then this has to be decrypted somehow

Re: [mailop] Mail.ru new network range and TLSRPT support

2021-11-17 Thread Tobias Herkula via mailop
Do you have any changes for the DKIM signing Domains? We currently have mail.ru, bk.ru, list.ru, internet.ru, inbox.ru and mail.ua on record for your system. Tobias Herkula -- Senior Product Owner Mail Security Product Mail Platform 1&1 Mail & Media GmbH | Mitte | 10115 Berlin | Deutschland

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Slavko via mailop
Hi, On Wed, 17 Nov 2021 11:51:46 -0600 Scott Mutter via mailop wrote: > Don't forget local compromises - keyloggers, spyware, and other > malware - running on an end-user's system. If one uses a good email client/browser, locally stored passwords are not a problem as they are encrypted:

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Scott Mutter via mailop
Don't forget local compromises - keyloggers, spyware, and other malware - running on an end-user's system. If you are checking your email with an email client and not entering your password every time you check for mail (which most of us don't do) then the password to your email is stored some

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread John Levine via mailop
It appears that Bill Cole via mailop said: >Who needs to bother with brute force "cracking" when so many passwords >are just out there for the taking? Botnets. My MTA accepts any login, says it works, and directs any subsequent mail to the spamtrap. Here's attempts from the last 20 minutes.

Re: [mailop] EMOTET alive again.. (was) Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Michael Peddemors via mailop
And speaking of phishing, since I haven't seen it mentioned on this list yet, as of Nov. 15th, it appears that EMOTET is now live again. As many of you know, EMOTET was very damaging, because of its unique phishing techniques, e.g. they would compromise one account, then they would strip all

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Bill Cole via mailop
On 2021-11-17 at 03:10:13 UTC-0500 (Wed, 17 Nov 2021 09:10:13 +0100) Hans-Martin Mosner via mailop is rumored to have said: Hi folks, I'm trying to understand the root causes and vulnerabilities that lead to hacked mailboxes. Currently, we can handle dynamic IP ranges pretty well, and we

[mailop] Beta domain block list testing

2021-11-17 Thread Matthew Stith via mailop
Hey there Mailop folks, Spamhaus would like to invite the MailOP community to test our beta domain blocklists with hostnames. We’ve developed this version of the DBL to provide increased accuracy when using the abused-legit component of the DBL (listings of compromised websites).  

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Michael Peddemors via mailop
Yes, people do research these things.. (Which reminds me, I do have to finish that blog post on Best Practices for ISPs and Telcos) Fortunately, we not only provide email servers, but we have a threat division as well, so we take a lot of time to look into these issues. I will send you a

[mailop] Technical contact for docuguide.com issues?

2021-11-17 Thread Ralf Hildebrandt via mailop
Does anybody have a competent technical contact for docuguide.com issues? (DKIM/DMARC issue with a customer domain...) Ralf Hildebrandt Charité - Universitätsmedizin Berlin Geschäftsbereich IT | Abteilung Netzwerk Campus Benjamin Franklin (CBF) Haus I | 1. OG | Raum 105 Hindenburgdamm 30 |

[mailop] Mail.ru new network range and TLSRPT support

2021-11-17 Thread Vladimir Dubrovin via mailop
1. Mail.ru starts using 45.84.128.0/23 for webmail traffic, please update your ratelimits / rule descriptions 2. We have recently implemented TLS reporting with MTA-STS supported, please let me know if you see any issues with it. -- Vladimir Dubrovin Technical advisor @ Mail.ru

Re: [mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Francois Petillon via mailop
On 11/17/21 9:10 AM, Hans-Martin Mosner via mailop wrote: > Here I want to focus on hacked mail accounts. I can think of two major root > causes but I have no idea about their relative significance: >  * Easily guessable passwords, with two subcauses for exploits: > o Brute force

[mailop] Is there any analysis on root causes of mail account break-ins?

2021-11-17 Thread Hans-Martin Mosner via mailop
Hi folks, I'm trying to understand the root causes and vulnerabilities that lead to hacked mailboxes. Currently, we can handle dynamic IP ranges pretty well, and we have an extensive list of network ranges whose owners are spammers or knowingly accept spammers as customers. So what mainly