On 9/7/07, Christian Schmitz <list@xxxxxxxxxxxxx> wrote: > First: > This can happen for 2 reasons: Many more than that. > -keylogger into customer house. > -Vulnerabilitys into squirrelmail. - Non-SSL-encrypted logins sniffed - Vuln that sniffs login info stored in browser - User mistakes like not clicking "sign out" - Probably more > You must work to determine what is happen. > If the customer have a keylogger, then the spammer have the data (password, > username). And you will have the same problem with all webmails progs. Until > use a "chalenge graphic"(if i wrote bad at bottom write a explanation about > this). See the SM CAPTCHA plugin > If is an exploit to squirrelmail maybe a simple renaming mailto.php > mailtonew.php (and edit al references to mailto.php) can solve temporary this > issue. Read the thread - the OP's version of SM doesn't have mailto.php. > To determine what is happening look into the apache logs and see the IP of the > connection. and the sequence of connection. Check ISP etc. > > I will suggest a little turnaround work. Is not the full solution but help. > > 1.Postfix can refuse send mail if logged in user mismatch. Including domain. > Others servers must be have a similar feature. > > 2.Use the plugin that draw the password in screen, and i dont know if is > possible disable password field. (if is possible) Maybe you mean the Virtual Keyboard plugin > 3. Exist a CHALENGE GRAPHIC? plugin?I don know how say in english. But some > sites have a graphic with some letters drawed, and the user must copy. This > kick the bots. yes - see above ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
