Re: [qmailtoaster] qmail machine being spammer help...

Mon, 31 Aug 2009 13:19:40 -0700 

Hello
we had a lot of those attacks on our web hosting servers in the past
and it has only to do with apache . It is a known and old exploit,
a spam relay is using Apache to forward data to an open mail relay.
We check those at router level but the mod_security works fine for a single machine 

Really it is an old exploit.

Nothing to worry about regarding the toaster, well you can always add a 
nice mod_security configuration to take care of all those little exploits





Jake Vickers wrote:

Eric Shubert wrote:

Thanks Jake. So is this simply an apache configuration issue? Is 
there an easy way it can be 'fixed' in a toaster package configuration?





It's actually an issue with the programming of the application 
(talking about Roundcube here). There are a couple different Apache 
modules that can be utilized to proxy or filter the PHP code used and 
help prevent the exploits in the code.
I'm sure something could be written into QTP to install any one of 
those modules if someone wants to lay out a skeleton that can be used 
as a base for the installation of the module.




--------------------------------------------------------------------------------- 

Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and 
installations.

     If you need professional help with your setup, contact them today!

--------------------------------------------------------------------------------- 

    Please visit qmailtoaster.com for the latest news, updates, and 
packages.
         To unsubscribe, e-mail: 
qmailtoaster-list-unsubscr...@qmailtoaster.com
    For additional commands, e-mail: 
qmailtoaster-list-h...@qmailtoaster.com





---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
   Vickers Consulting Group offers Qmailtoaster support and installations.
     If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
    Please visit qmailtoaster.com for the latest news, updates, and packages.

    
     To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com

    For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com



























					Reply via email to