Relay service


Jeff Wark

Aug 22, 2014, 1:34:07 PM8/22/14
Looking at the available services for an account, it would appear that we would want to remove the 'Relay' service from a compromised account.  The reason for this is that the customer could still authenticate and send mail to postmaster or support.

However, the absence of the 'relay' service doesn't seem to affect the ability of someone logged into webmail from sending mail anywhere.

Is there another service I should be looking at to disable sending mail?

We have considered setting the outbound message rate to zero [which may still happen], but then the customer cannot contact support or postmaster via email, which is something we think we might want.

Thanks for any ideas.

--

Jeff Wark
Tbaytel Internet

#############################################################

This message is sent to you because you are subscribed to

  the mailing list <CGat...@mail.stalker.com>.

To unsubscribe, E-mail to: <CGateP...@mail.stalker.com>

To switch to the DIGEST mode, E-mail to <CGatePr...@mail.stalker.com>

To switch to the INDEX mode, E-mail to <CGatePr...@mail.stalker.com>

Send administrative queries to  <CGatePro...@mail.stalker.com>

Bill Cole

Aug 22, 2014, 4:20:03 PM8/22/14
On 22 Aug 2014, at 13:34, Jeff Wark wrote:

> Looking at the available services for an account, it would appear that
> we would want to remove the 'Relay' service from a compromised
> account.  The reason for this is that the customer could still
> authenticate and send mail to postmaster or support.
>
> However, the absence of the 'relay' service doesn't seem to affect the
> ability of someone logged into webmail from sending mail anywhere.
>
> Is there another service I should be looking at to disable sending
> mail?

This is hopefully an unusual event that will last a short time, so you
probably don't need a scalable generic approach. You may want to just
create a rule that blocks anything they try to send anywhere but to your
admin addresses, and remove it when you resolve the issue.

>
> We have considered setting the outbound message rate to zero [which
> may still happen], but then the customer cannot contact support or
> postmaster via email, which is something we think we might want.
>
> Thanks for any ideas.

Unfortunately, a single email account is often a key nexus point
connecting all of a person's online activities and so its compromise is
actually a compromise of much more, making it necessary to be suspicious
of every action they might take to reclaim the account. Did they store
passwords in email? Do they have a VoIP phone number which the hijacker
now has ringing at his desk? Is their mobile number still ringing the
phone in their pocket? You obviously cannot trust that any communication
that is solely authenticated as the CGP account holder is not the
hijacker, but do you have any independent method of authenticating the
legitimate user? If you have something pre-arranged like a "security
question" you need to consider whether that was asked and answered over
email (definitely untrustworthy) or is likely to be stored on the user's
own computer (likely to be compromised as well).

You will note that the above ideas are limited to risks you should have
in mind when dealing with a compromised account and do not hint at any
solution. That's not because I have a solution idea that I'm not
sharing.
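The per-account rule Bill describes (block everything the compromised account sends except mail to your own admin addresses) modelled as an added Python policy check; this is an illustration, not CommuniGate Pro's own rule syntax, and the example.net domain, account names and sample messages are constructed for it.

```python
"""Outbound policy for a compromised account: accept mail only to the
admin addresses (postmaster, support) until the account is recovered.
Illustrative only; not CommuniGate Pro rule syntax."""
from email.utils import getaddresses

# Constructed sample data; domain and account names are assumptions.
ADMIN_ADDRESSES = {"postmaster@example.net", "support@example.net"}
RESTRICTED_ACCOUNTS = {"jdoe@example.net"}   # accounts under recovery


def normalize(addr):
    """Lower-case an address so POSTMASTER@Example.net still matches."""
    return addr.strip().lower()


def recipients(headers):
    """Collect every recipient from To/Cc/Bcc, with display names stripped."""
    values = [v for h, v in headers if h.lower() in ("to", "cc", "bcc")]
    return [normalize(a) for _, a in getaddresses(values) if a]


def decide(account, headers):
    """Return ('accept', []) or ('reject', [recipients outside the allow-list]).

    `account` is the authenticated account name, not the From: header, so a
    forged From: cannot bypass the rule. For a restricted account the whole
    message is rejected if any recipient is outside the allow-list, which
    stops an extra external recipient being smuggled in via Cc/Bcc."""
    if normalize(account) not in RESTRICTED_ACCOUNTS:
        return "accept", []
    rcpts = recipients(headers)
    if not rcpts:
        return "reject", []          # nothing to deliver to; drop it
    bad = [r for r in rcpts if r not in ADMIN_ADDRESSES]
    return ("reject", bad) if bad else ("accept", [])


# Constructed sample submissions: (authenticated account, header list).
SAMPLES = [
    ("jdoe@example.net", [("To", "postmaster@example.net")]),
    ("jdoe@example.net", [("To", "Support <support@example.net>"),
                          ("Bcc", "victim@gmail.com")]),
    ("jdoe@example.net", [("To", "POSTMASTER@Example.net")]),
    ("alice@example.net", [("To", "victim@gmail.com")]),
]


def run_samples():
    """Apply the policy to each sample and return the decisions in order."""
    return [decide(account, headers) for account, headers in SAMPLES]


if __name__ == "__main__":
    for (account, _), verdict in zip(SAMPLES, run_samples()):
        print(account, verdict)
```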