: Accessing a private server without authorization is a violation of the Computer Fraud and Abuse Act (CFAA) in the US and similar laws worldwide.

Searching for files named usually leads to lists of Simple Mail Transfer Protocol (SMTP) server credentials that have been compromised or "scraped" for illicit use.

: The protocol used to send emails across the internet.

: Sending attachments or links that infect the recipient's computer. The Risks of Using Compromised SMTPs

: Use Multi-Factor Authentication for all administrative and user email accounts.

These lists are primarily traded or shared in "underground" forums for several malicious purposes:

: Using legitimate, "clean" servers to send emails that trick people into revealing sensitive data, as these emails are less likely to land in spam folders.

: Ensure all SMTP traffic is encrypted to prevent credential sniffing on public networks.