Hello, I am running a free webmail service based on IMP, and while I had successfully controlled incoming spam on the mail server level, I have issues of outgoing spam, thus someone attempts to use an automated bot process to send outgoing spam via horde.
Now, probably I would need the following measures: a) To use captcha on the login box of horde. Is there any mod around for that, or I should alter the code myself? b) To call spamc directly from horde per each mail sent to block whatever spamassassin can block as spam. c) To put a delay routine which would allow only one mail per two minutes to be sent per account d) To trim a setting to disallow someone to replace the sender e-mail given by the service thus instead of send <user>@<myfreemail>.tld to change it to <myspamname>@<myspamdomain>.tld The problem is that users have sometimes stupid passwords like 1234 or 12345 making very easy for a spammer to break into accounts, with trivial automated bot process. Now what I need: for (a) I need someone to point where in the code, is the imap authentication routine. (To alter it). Or if there's a mod around for that. for (b) and (c) where in the code is the routine which connects to imap to send mails. for (d) which is the setting (obvious). Best Regards Nick. PS: In the meanwhile I am planning to run the service in https:// there are fewer robots able to understand SSL around. -- IMP mailing list - Join the hunt: http://horde.org/bounties/#imp Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail: [EMAIL PROTECTED]
