[horde] spammers targeting horde/imp as spamming tool
Andrew Morgan
morgan at orst.edu
Tue Apr 29 17:20:11 UTC 2008
On Tue, 29 Apr 2008, D G Teed wrote:
> Hey,
>
> Has anyone read this thread:
>
> http://www.nabble.com/Spamming-using-imp--td15431034.html
>
> Spammers are using brute force or phished login information to gain
> access to imp, and then sent out spam
>
> I've received a spam complaint which seems to echo this situtation.
>
> The first tool which comes to my mind is DenyHosts.
>
> Any other comments or thoughts on this trend?
We've been the target of this attack lately. Most of our email accounts
received a phishing email asking for their username and password. The
phishing email used an exact copy of a recent outage post we had placed on
our website, so it was reasonably legit looking.
Since then, 2 of our accounts were used via Webmail to send out around 3
million spam / phishing emails. I spoke with one of the users and
confirmed that he had responded to the earlier phishing email with his
username and password. So far, I haven't seen any brute force login
attempts to Webmail.
I plan to implement the recipient limit feature when we upgrade to the
next version of Webmail. :)
Andy
More information about the horde
mailing list