Re: [imp] Spam Problem ... close to a solution ... may be you could help? - Kowtow Strike! :-)

2011-05-25 Thread Götz Reinicke - IT-Koordinator
On 24.05.11 21:40, Andrew Morgan wrote: On Tue, 24 May 2011, Götz Reinicke - IT-Koordinator wrote: ... One thing I forgot to mention about identifying compromised accounts - the spammers like to put the content of their message (the spam) into the user's signature block. That simplifies

Re: [imp] Spam Problem ... close to a solution ... may be you could help?

2011-05-25 Thread Michael Menge
Quoting Götz Reinicke - IT-Koordinator goetz.reini...@filmakademie.de: On 24.05.11 21:40, Andrew Morgan wrote: On Tue, 24 May 2011, Götz Reinicke - IT-Koordinator wrote: Hi, I did not find the compromised account yet, but I see a lot of messages like the following one in our logs:

Re: [imp] Spam Problem ... close to a solution ... may be you could help?

2011-05-25 Thread Andy Dorman
On 05/24/2011 01:05 PM, Arjen de Korte wrote: Something very similar is already available in Horde through the Permission system where you can add IMP, specify the number of recipients per message (max_recipients) and total recipients per time unit (max_timelimit). You need to have the Outgoing

[imp] Spam Problem ... close to a solution ... may be you could help?

2011-05-24 Thread Götz Reinicke - IT-Koordinator
Hi, I did not find the compromised account yet, but I see a lot of messages like the following one in our logs: /var/log/httpd/ssl_request_log.1:[21/May/2011:01:10:54 +0200] 74.82.171.30 TLSv1 RC4-MD5 POST /horde/imp/compose.php?uniq=721hskg326yc HTTP/1.1 92

Re: [imp] Spam Problem ... close to a solution ... may be you could help?

2011-05-24 Thread Andy Dorman
On 05/24/2011 07:53 AM, � wrote: Hi, I did not find the compromised account yet, but I see a lot of messages like the following one in our logs: /var/log/httpd/ssl_request_log.1:[21/May/2011:01:10:54 +0200] 74.82.171.30 TLSv1 RC4-MD5 POST /horde/imp/compose.php?uniq=721hskg326yc HTTP/1.1 92

Re: [imp] Spam Problem ... close to a solution ... may be you could help?

2011-05-24 Thread Rick Romero
Quoting Andy Dorman ador...@ironicdesign.com: Also, the domain admin can also look at the email and if it is really spam, they can quickly shut down the spammer. Off-topic - I like to know how much spam they would have sent, so when I verify it's spam I redirect their outgoing mail to

Re: [imp] Spam Problem ... close to a solution ... may be you could help?

2011-05-24 Thread Andrew Morgan
On Tue, 24 May 2011, Götz Reinicke - IT-Koordinator wrote: Hi, I did not find the compromised account yet, but I see a lot of messages like the following one in our logs: /var/log/httpd/ssl_request_log.1:[21/May/2011:01:10:54 +0200] 74.82.171.30 TLSv1 RC4-MD5 POST