[horde] spammers targeting horde/imp as spamming tool
D G Teed
donald.teed at gmail.com
Wed Apr 30 18:43:28 UTC 2008
Hi,
Perhaps you could expand on the details a little and we can all
learn some strategies? I don't understand what keywords you
would search for which could be indicative of spammer or a compromised account.
Also, where or how do you sent up this rule to control the abuse of envelope
and header values?
--Donald
On Wed, Apr 30, 2008 at 12:39 PM, robert sand <rsand at d.umn.edu> wrote:
>
> Yes this is daily here. We get both brute force attacks on weak passwords and phishing events. I've written a script
> to find keywords in the identities field in horde_prefs to find most but others are found by denying sending of email
> where the envelope and from headers are set to another domain.
>
>
> Eric Jon Rostetter wrote:
> > Quoting Andrew Morgan <morgan at orst.edu>:
> >
> >> Spammers are using brute force or phished login information to gain
> >> access to imp, and then sent out spam
> >
> > This is happening with IMP, as well as several other webmail applications.
> > I want to stress it isn't specific to IMP, and has been seen with other
> > apps like SquirrelMail and such.
> >
> >> Any other comments or thoughts on this trend?
> >
> > It is an increasing trend, hitting EDU sites fairly heavily right now.
> >
>
> --
> Robert Sand.
> mailto:rsand at d.umn.edu
> 1028 Kirby Drive
> 366 K Plz
> Duluth, MN 55812-3095
> 218-726-6122 fax 218-726-7674
>
> "Walk behind me I may not lead, Walk in front of me I may not follow,
> Walk beside me and we walk together" UTE Tribal proverb.
>
>
> --
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>
More information about the horde
mailing list