|
|
|
|
|
|
by stevekemp
2714 days ago
|
|
|
I got a notification today that my domain has been included in this collection. But as far as I can see it is gibberish spam-mails. I see 500+ entries such as: fkdsjlfjldsf@example.com
spamkdsjf31@example.com
fsdjlfsdjkl@example.com
i.e. None of these emails at my domain are real, nor have they ever been real.That said if you allow password-based authentication on a server which is shared you might consider using my PAM module: https://github.com/skx/pam_pwnd It does lookups of previously-leaked passwords. Best practice these days is SSH-keys for authentication, but this would cover weak sudo passwords too, etc. |
|
|