Easy Passwords Make Spamming Easy

No one likes spam. A few weeks ago, our email server ended up on a few different blacklists from large amounts of spam being sent from our server. In case you don't know, when a server gets on a blacklist it's like a patient in ER. Critical Emergency, get the defibrillator kind of thing.

It didn't take long to locate the issue … a spam script was guessing user names and commonly used passwords until it was able to login to the mail system. From there it began mailing the spam out, and several hours later the server was on a few blacklists. In order to correct the issue, we found the offending account and made some password changes. Then we began submitting removal requests for the different blacklists.

There's a couple important points to bring up with this situation. It's important to realize that this is fairly common for spammers. A bit of advice: try using more secure, strong passwords; you should stay away from most commonly used passwords, dictionary words, and number sequences. Try to mix lowercase and uppercase characters along with symbols and numbers. Your password length should be around 12 to 14 characters or longer if you can remember it. If you write your password down, put it in a secure place. Another good point to bring up in this situation is that managing email requires technical knowledge from someone that knows what they are doing.

Thankfully we were able to have the problem resolved in a short period of time, allowing us to keep emails going and business moving.