> Hi, > Lately we've noticed an alarming trend of spam being sent out from our > webmail server. It seems the new viruses will actually connect to > the webmail server and log in as the user (saved username/password in > internet explorer). It then sends e-mail from the user's webmail > account, but it doesn't send it as the user, instead it somehow > manages to forge the FROM address. > > Does anyone have any ideas how this is happening (forging of the > address) and has anyone else managed to figure out a way (short of a > captcha) to stop this? SquirrelMail allows to set from: address in Personal preferences. Older SquirrelMail versions allow it even if admin blocks it in SquirrelMail configuration. -- Tomas ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
