Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam.
The MX is 193.196.129.3
So far I received about 7.000 returned mail bounces from our system and
all reported messages do have User-Agent: Internet
Citeren Götz Reinicke - IT-Koordinator goetz.reini...@filmakademie.de:
My questions:
What is the best way to find the leak? What may I configure in
horde/imp/apache/php ... to make it harder to be compromised?
If you're using SMTP AUTH for sending mail, the mailserver might have
logged the
How may I limit the number of messages a user may send? :-)
for example google 'policyd'
--
IMP mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: imp-unsubscr...@lists.horde.org
Am 23.05.11 10:30, schrieb azurIt:
How may I limit the number of messages a user may send? :-)
for example google 'policyd'
not for sendmail as far as I know.
/Götz
--
Götz Reinicke
IT-Koordinator
Tel. +49 7141 969 420
Fax +49 7141 969 55 420
E-Mail
uuhm, sendmail users still exists ? ;)
__
Od: Götz Reinicke - IT-Koordinator
Komu: imp@lists.horde.org
Dátum: 23.05.2011 10:36
Predmet: Re: [imp] May be our horde installation was used for spam
Am 23.05.11 10:30, schrieb
Am 20:59, schrieb Götz Reinicke - IT-Koordinator:
Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam.
The MX is 193.196.129.3
It's not widely listed at
Apologies for top posting..
No wonder you have an issue. Install postfix asap and replace sendmail. This
is more secure and less complex (and it sounds like you don't need complex).
In the meantime take that box offline until you establish of it's the server or
a compromised user account.
Quoting Simon Brereton simon.brere...@dada.net:
Apologies for top posting..
No wonder you have an issue. Install postfix asap and replace
sendmail. This is more secure and less complex (and it sounds like
you don't need complex).
actually, if one goes to make a secure server, it is not
* G?tz Reinicke - IT-Koordinator goetz.reini...@filmakademie.de [2011-05-23
04:30]:
hmmm... do you have any hint for me gow to find the userid?
We use the method described here:
http://www.mail-archive.com/imp@lists.horde.org/msg04736.html
How may I limit the number of messages a user
My questions:
What is the best way to find the leak? What may I configure in
horde/imp/apache/php ... to make it harder to be compromised?
There are many phishing mails which target webmail accounts.
IMHO this is the most comon case for abuse of imp and other webmail
software
IMP has some
On Mon, 23 May 2011, Götz Reinicke - IT-Koordinator wrote:
Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam.
The MX is 193.196.129.3
So far I received about 7.000 returned mail bounces from our
Quoting Andrew Morgan mor...@orst.edu:
On Mon, 23 May 2011, Götz Reinicke - IT-Koordinator wrote:
Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam
--
IMP mailing list
Frequently Asked Questions:
12 matches
Mail list logo