Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Managed email provider MessageLabs has blamed a security breach on one of its customer's networks for a bout of spam detected from its IP address range.
The incident saw the vendor - which incidentally is paid to protect customers from inbound spam - included in block lists by other anti-spam services.
As detailed exclusively in iTnews, MessageLabs customers found that some of their outbound mail bounced last week after the service providers' IP address was included in the SORBS antispam block list.
MessageLabs has since investigated the incident and concluded that its addresses were blocked due to a security incident affecting one of its customers.
"From time to time," said MessageLabs engineer Paul Woods, one of the company's 30,000 clients "will send mail that it is considered to be spam by us or one of the block list providers.
"In the instance it appears that a customer's webmail service had been compromised by a spammer and used to send spam emails," he said.
Woods said that MessageLabs' systems can detect abnormal numbers of emails being sent from a client account and delay the customer's ability to send email.
But in this case, these processes kicked in after "a small number of spam emails were sent, which resulted in one of our IP addresses being listed on the SORBS block list for a short period."
MessageLabs was unwilling to disclose what industry the affected customer operated in, nor its country of origin. "But we can say that the most common form of abuse of legitimate email accounts is often caused by insecure passwords on corporate webmail systems," Woods said.
MessageLabs was also able to re-route email from a blocked cluster to another cluster in order to ensure its other clients are not affected.
The company has toned down its past criticism of the SORBS model.
"Some of the block list providers have very aggressive rules and may occasionally add a block based on a single email that is deemed spam-like," Woods said.
"We work very closely with block list providers like SORBS and Spamhaus who generally play a very positive role in the fight against spam."
Woods said MessageLabs did not pay SORBS a fee to remove its IP addresses from the block list.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.