[imp] Spam issues, need help.

Michael Menge michael.menge at zdv.uni-tuebingen.de
Tue Jun 10 11:32:10 UTC 2008


Quoting Dos Wizard <magician at euretirio.gr>:

> Hello,
>
> I am running a free webmail service based on IMP, and while I had
> successfully controlled incoming spam on the mail server level, I have
> issues of outgoing spam, thus someone attempts to use an automated bot
> process to send outgoing spam via horde.
>
> Now, probably I would need the following measures:
> a) To use captcha on the login box of horde. Is there any mod around for
> that, or should I alter the code myself?
> b) To call spamc directly from horde per each mail sent to block
> whatever spamassassin can block as spam.
> c) To put a delay routine which would allow only one mail per two
> minutes to be sent per account
> d) To trim a setting to disallow someone to replace the sender e-mail
> given by the service thus instead of send <user>@<myfreemail>.tld to
> change it to <myspamname>@<myspamdomain>.tld
>
> The problem is that users sometimes have stupid passwords like 1234 or
> 12345, making it very easy for a spammer to break into accounts with a
> trivial automated bot process.
>
> Now what I need:
> for (a) I need someone to point where in the code, is the imap
> authentication routine. (To alter it). Or if there's a mod around for that.
> for (b) and (c) where in the code is the routine which connects to imap
> to send mails.
> for (d) which is the setting (obvious).
>
I can't help with (a), but:

(b) IMP sends e-mails by calling sendmail (or any program which
accepts the same options) or by talking to an SMTP server. You can use
a wrapper script to pass the e-mail to spamc before sending it to
sendmail, or you can set up your SMTP server to scan e-mails coming from
your IMP server.

(c) The new Horde 3.2 and IMP 4.2 have this feature built in.

(d) You can lock your $_prefs['from_addr'] in horde/configs/prefs.php
or you can patch horde/templates/prefs/text.inc

--- text.inc.orig       2007-12-20 16:04:04.000000000 +0100
+++ text.inc    2008-06-09 15:03:27.000000000 +0200
@@ -1,2 +1,6 @@
  <?php echo Horde::label($pref, $_prefs[$pref]['desc']) ?>&nbsp;<?php  
echo $helplink ?><br />
-<input id="<?php echo $pref ?>" name="<?php echo $pref ?>" size="30"  
maxlength="60" value="<?php echo  
htmlspecialchars($prefs->getValue($pref)) ?>" /><br />
+<input id="<?php echo $pref ?>" name="<?php echo $pref ?>" size="30"  
maxlength="60" value="<?php echo  
htmlspecialchars($prefs->getValue($pref)) ?>"
+//[begin]Don't allow to edit from_addr
+<?php if($pref=='from_addr') echo 'readonly'; ?>
+//[end]
+/><br />
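
Review bot: the added `//[begin]` and `//[end]` marker lines sit outside any `<?php ?>` block, so they are emitted as literal text inside the `<input>` tag; move them into the PHP block as comments or drop them. Separately, `readonly` on the field is honoured only by the browser, so a client can still post a different from_addr value; if this is meant to stop sender spoofing, the preference also needs to be locked server-side, as the $_prefs['from_addr'] lock mentioned above does.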

The patch has the advantage that the from_address is still shown on the
identity page. Both ways will disallow editing of the from_address
completely, so you must put it in the prefs for your users.

Regards

        Michael

--------------------------------------------------------------------------------
M.Menge                                 Tel.: (49) 7071/29-70316
Universitaet Tuebingen                  Fax.: (49) 7071/29-5912
Zentrum fuer Datenverarbeitung          mail:  
michael.menge at zdv.uni-tuebingen.de
Waechterstrasse 76
72074 Tuebingen
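
A sketch of the wrapper script suggested in (b), as an added example that is not part of the original post: it spools the message, asks spamc for a verdict, and only then hands it to the real sendmail. The function name `filter_and_send`, the install name `sendmail-spamc`, and the default paths are assumptions.

```shell
#!/bin/sh
# Added example: sendmail-compatible wrapper that scans outgoing mail with spamc.
# Point IMP's sendmail path at this script (assumed name: sendmail-spamc).
SPAMC="${SPAMC:-spamc}"                     # assumed to be on PATH
SENDMAIL="${SENDMAIL:-/usr/sbin/sendmail}"  # assumed location of the real binary

# filter_and_send ARGS...: reads one message on stdin, forwards ARGS to sendmail.
# Returns sendmail's status if the message was handed over, 69 (EX_UNAVAILABLE)
# if spamc flagged it as spam, 75 (EX_TEMPFAIL) if it could not be spooled.
filter_and_send() {
    msg=$(mktemp) || return 75
    cat > "$msg" || { rm -f "$msg"; return 75; }

    # spamc -c prints "score/threshold" and exits 1 when the message is spam.
    # It exits 0 for ham and, by default, also on a processing failure,
    # so this check fails open when spamd is down.
    score=$("$SPAMC" -c < "$msg")
    verdict=$?
    if [ "$verdict" -eq 1 ]; then
        echo "outgoing mail rejected as spam (score $score)" >&2
        rm -f "$msg"
        return 69
    fi

    # Pass the caller's original arguments (sender, recipients, flags) through.
    "$SENDMAIL" "$@" < "$msg"
    rc=$?
    rm -f "$msg"
    return "$rc"
}

# Act as the wrapper only when invoked under the assumed install name.
case "${0##*/}" in
    sendmail-spamc) filter_and_send "$@"; exit $? ;;
esac
```

A non-zero exit reaches IMP as a failed send, so a hijacked account sees an error instead of silently queued spam.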

