18 Nov
2021
18 Nov
'21
4:16 a.m.
Almost 10 years ago I wrote this short blog article with some ideas arising from the examination of a fairly large numbers of incidents: https://www.spamhaus.org/news/article/681/spam-through-compromised-passwords... I think that it is basically still quite current, except for some GDPR-related aspects, and although the last sentence was clearly, well, a little too optimistic. Unfortunately MSAs did not evolve as fast as we hoped, and several organisations continue to allow compromised accounts to start sending with astounding intensities. Natale M Bianchi