[horde] spammers targeting horde/imp as spamming tool

D G Teed donald.teed at gmail.com
Wed Apr 30 01:11:03 UTC 2008


I've seen one other reference to setting the recipient limit, but I too
would need to upgrade to 1.1.

I've denyed web access to 4 IPs now which were clearly spamming.
Mostly in Nigeria, and one in South Asia.  They must have some
automated way of working with imp to compose the spam quickly.

The pattern I'm seeing is a handful of horde login failures
followed by success. I'm guessing some of our users have weak passwords.
Our organization is about to implement tougher password solution this
summer, but it won't be soon enough.

Watching for spamming and building up the "deny from" list in my httpd.conf is
a bit of a chore.  Maybe that upgrade is a higher priority...

--Donald

On Tue, Apr 29, 2008 at 2:20 PM, Andrew Morgan <morgan at orst.edu> wrote:
>  Since then, 2 of our accounts were used via Webmail to send out around 3
> million spam / phishing emails.  I spoke with one of the users and confirmed
> that he had responded to the earlier phishing email with his username and
> password.  So far, I haven't seen any brute force login attempts to Webmail.
>
>  I plan to implement the recipient limit feature when we upgrade to the next
> version of Webmail.  :)
>
>         Andy
>


More information about the horde mailing list