Re: [exim4] mixed up about terminology
On 10/8/2014 1:25 PM, Jonathan Dowland wrote:
>
>
>
>> On 8 Oct 2014, at 18:03, Jerry Stuckle <jstuckle@attglobal.net> wrote:
>>
>> Do you also allow your users to log into your systems via ssh or telnet
>> with no root password?
>
> Of course not. That's not even remotely the same thing. Don't be ludicrous.
>
>>
>> You claim the likelyhood is low - but are you sure about that?
>
> Yes.
>
>> Spammers look for such things all the time.
>
> I disagree. I'm starting to wonder if you are talking about the same thing as me. Are you asserting that spammers are out there trying to break wifi encryption on home net connections? Seems like a lot of effort to me, with serious geographical challenges, to get IPs that are in PBL lists anyway.
>
Yup, ones looking for WiFi access points with no security or even easily
broken security such as WEP. It's not hard to drive around a
neighborhood and find such - even in my neighborhood there are probably
a dozen within a few block radius. Once they find one, they can quickly
send hundreds (or thousands) of emails, then move on (and remember where
the access point is). And no, many of them are NOT in PBLs - at least
until the spam hits the fan.
It's bad enough that many ISPs have blocked Port 25 on residential services.
There are a LOT of people who just go to the local computer store, get
an access point and plug it in. They don't bother to configure it
because it "works out of the box".
>> My servers and even my home network
>> logs show multiple attempts every day by hackers.
>
> I haven't advocated he expose a listening SMTP server to the Internet. Quite the opposite.
>
Then how do you receive email? If you're using your ISP's MTA (or
another one), why not just use that for sending email, also?
Jerry
Reply to: