For spammers, the barriers to entry are very low and the potential payoffs are very high relative to the small amounts of effort required to send out lots of spam. Spammers typically look for the “low hanging fruit” of an email system, such as mail servers that are not configured to prevent relaying, or accounts with weak passwords. If a hacker manages to guess an account’s password, he can use that account to send out large amounts of unsolicited spam email messages. This can result in your server winding up on a blacklist. Additionally, if large amounts of spam are sent out before the issue is corrected, your business can suffer lost trust and a reduction in revenue.
MDaemon’s Account Hijack Detection feature can be used to disable the account once a specified number of messages have been sent from an authenticated session within a given period of time. But it would be better to not even let a hacker get that far. Having strong passwords that are difficult to guess would help prevent an account from being hijacked in the first place.
Today, we focus on the issue of weak passwords and how to thwart hackers by implementing strong password policies. These settings are located in MDaemon under the Accounts | Account Settings configuration screen. In today’s video tutorial, we demonstrate how to require strong passwords, how to force accounts with a weak password to change their password, and how to send a Weak Passwords report to a designated email address.
Email is one of the most valuable intellectual property assets a company can have. Protect your email by enacting strong security and password policies & keep the hackers out.