Well for example of the trouble RBLS cause see this one for your own number:
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no
trust
[212.26.193.44 listed in list.dnswl.org]
>and then immediately forget it, which is what I want. It is the
people
>who use the webmail interface on multiple different systems, kiosk
>computers and the like, who are the problem. When hosts out on the
>Internet get busted into, the spammers get their passwords and
>email addresses and start relaying. I've confirmed this with several
>users I've called and it's always the same story.
>Strange your webmail should be on https then it is difficult to catch
>passwords.
As I mentioned already the issue isn't that people using the password on
the webmail interface are getting hacked, The issue is people using
the email password on -other- servers on the Internet, which then later
get hacked. Some users in fact never use the webmail interface yet
still get hacked, it is because they choose to use the same password on
multiple servers on the Internet.
It's more prevalent with the webmail users because those users type the
password in repeatedly, which commits it to their memory, and then since
it is committed to memory they find it easy to use elsewhere.
2FA isn't going to help unless 2FA could be applied to the SMTP Auth
port. In fact, since my incoming and outgoing mailservers are
independent servers, I can use different passwords for incoming and
outgoing servers, which is one answer. However, that is a decision that
would have been great if it was made back in 2004 when I split the
mailserver into independent servers.
The main coorelation I have is that users who call me asking "what is my
email password" because they are setting up new phones, etc. - they are
never hacked. It's the users that remember the passwords that get
hacked - obviously because they are using them elsewhere.
Ted
