[imp] Unusual outgoing messages
Stephen A. Cochran Lists
stephen.a.cochran.lists at cahir.net
Thu Oct 5 13:26:53 PDT 2006
I was looking around our IMP server for the cause of some runaway
apache processes, and I found some strange messages in the mail
queue. We don't allow servers or identities to be set by the user.
H??Received: from 80.89.179.109 ([80.89.179.109]) by
webmail.dartmouth.edu
(Horde MIME library) with HTTP; Thu, 5 Oct 2006 15:53:12 -0400
But these messages have a forged from header and are spam. I'm
wondering how the header might have been forged unless someone is
posting directly to the compose.php without authenticating first.
Running Horde 3.1.1 and IMP 4.1.1 (last big security update).
Thanks,
Steve Cochran
More information about the imp
mailing list