[imp] Spammers Using Horde/IMP to Send Bulk Message

Jussi Paju Jussi.Paju at iki.fi
Sat Sep 6 11:06:11 UTC 2008


On Sat, 6 Sep 2008, JackyC at umac.mo wrote:

> Does anyone has this experience?
> Spammers used the spam to ask horde/imp user to submit their account info
> (including password)
> Somehow, user submitted.
> And spammers use this user account to send a lot of bulk messages.

Yes, there have been numerous cases like yours.

> Does anyone has this experience? I am just asking for suggest to improve
> in Horde/IMP webmail environment.

There is not much anyone can do but to keep their (and users) passwords 
safe. Because Horde and IMP are open source, spammers do always have the 
access to the source code and hence can always find a way to send spam 
simulating a browser if they have correct credientials to use the 
system.

Summa summarum: It's not the client programs fault if someone gets 
credientials needed to send spam via the program. From a spammers point 
of view the same thing can be accomplished with numerous other email 
clients as well (programs running on workstations are off course a bit 
harder to hack).

-- 
Jussi Paju
  - luoja, creator -

:: Te audire no possum. Musa sapientum fixa est in aure.
:: I can't hear you. I have a banana in my ear.


More information about the imp mailing list