[129431] in North American Network Operators' Group
Re: ISP port blocking practice
daemon@ATHENA.MIT.EDU (Jon Auer)
Mon Sep 6 04:43:04 2010
In-Reply-To: <14703034.678.1283747330776.JavaMail.franck@franck-martins-macbook-pro.local>
Date: Mon, 6 Sep 2010 03:42:48 -0500
From: Jon Auer <jda@tapodi.net>
To: Jon Lewis <jlewis@lewis.org>, nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> With all the different webmail systems, it seems unlikely to me (though I=
definitely wouldn't say impossible) that bots are spamming through your we=
bmail (unless you work for gmail, hotmail, etc. and are an attractive enoug=
h target that it made sense to code a bot to automate utilizing your webmai=
l interface). =C2=A0Bots being used as proxies seems far more likely to me =
for the general case of "bots" spamming through an ISP's webmail.
>
Many providers and hosts use the same webmail packages so the work to
automate is a bit lower than one might think.
We have seen bots sending spam using our squirrelmail and roundcube
webmail using credentials gleaned from phishing activity.
