> Do you have any proof of a virus logging in? Couldn't it just be plain ol' > keyboard logging and the the person who gets the logs (not your intended > users) sends out the spam manually? It's technically possible to write a > program that logs in automatically, using any kind of mail interface - not > just web mail interfaces, as long as you have the password, but without > the password it's a harder nut to crack. The key question is: how do the > spammers get the password? If they get it through a broken browser caching > the user name and password, fix the broken browser. I haven't been able to figure out what the name of the virus is, yet... however... I doubt it is keyboard logging for the following reasons: 1 - The logins happen from IPs on our network (that is.. someone outside didn't capture the login info and then use it). 2 - When the user cleans their machine the spam stops going out, even if the password is kept the same. Alot of these users have reported they don't type their username/password into webmail, but rather use IE to save it. So the virus is getting the username and password out of the IE saved password area. ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
