Almost 10 years ago I wrote this short blog article with some ideas arising from the examination of a fairly large numbers of incidents: https://www.spamhaus.org/news/article/681/spam-through-compromised-passwords-can-it-be-stopped
I think that it is basically still quite current, except for some GDPR-related aspects, and although the last sentence was clearly, well, a little too optimistic. Unfortunately MSAs did not evolve as fast as we hoped, and several organisations continue to allow compromised accounts to start sending with astounding intensities. Natale M Bianchi To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
