Facebook
Twitter
burnley
Regular Pleskian
Hi,
This morning I was dealing with a compromised mailbox used by spammers to send junk. They were using authenticated SMTP, but the funny thing is that the "sasl_username" used was not the mailbox name, but one of the aliases for that mailbox name. To stop the spammers I had to reset the password for the mailbox, obviously. I've reproduced this behaviour on 2 Plesk 11.0.9 servers, so here's my question:
Is the SMTP authentication permitted for aliases a feature or a bug? You can't use an email alias POP3/IMAP logins, but you can for SMTP.
This morning I was dealing with a compromised mailbox used by spammers to send junk. They were using authenticated SMTP, but the funny thing is that the "sasl_username" used was not the mailbox name, but one of the aliases for that mailbox name. To stop the spammers I had to reset the password for the mailbox, obviously. I've reproduced this behaviour on 2 Plesk 11.0.9 servers, so here's my question:
Is the SMTP authentication permitted for aliases a feature or a bug? You can't use an email alias POP3/IMAP logins, but you can for SMTP.
