[horde] spammers targeting horde/imp as spamming tool
robert sand
rsand at d.umn.edu
Wed Apr 30 15:39:41 UTC 2008
Yes this is daily here. We get both brute force attacks on weak passwords and phishing events. I've written a script
to find keywords in the identities field in horde_prefs to find most but others are found by denying sending of email
where the envelope and from headers are set to another domain.
Eric Jon Rostetter wrote:
> Quoting Andrew Morgan <morgan at orst.edu>:
>
>> Spammers are using brute force or phished login information to gain
>> access to imp, and then sent out spam
>
> This is happening with IMP, as well as several other webmail applications.
> I want to stress it isn't specific to IMP, and has been seen with other
> apps like SquirrelMail and such.
>
>> Any other comments or thoughts on this trend?
>
> It is an increasing trend, hitting EDU sites fairly heavily right now.
>
--
Robert Sand.
mailto:rsand at d.umn.edu
1028 Kirby Drive
366 K Plz
Duluth, MN 55812-3095
218-726-6122 fax 218-726-7674
"Walk behind me I may not lead, Walk in front of me I may not follow,
Walk beside me and we walk together" UTE Tribal proverb.
More information about the horde
mailing list