-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vernon A. Fort wrote: > amount of spam email. It appears the exploiter obtained the password > and then compromised the account. The actual email user is completely > unaware of the compromise - meaning they did NOT send this spam email. <SNIP> > When looking at the mail queue file, you can see the squirrelmail > authenticated user name and the queue file clearly show it came from the > localhost indicating the squirrelmail interface. If you are indicating the Received: header, it can and has been faked by spammers in the past. Are you certain this is not the case? What do your SMTP logs show? Did the messages in question truly pass through your mail system? > We did not have the webmail with a CERT (ssl) but do NOW! Is there any > know way of easily compromising a email account directly with PHP and or > squirelmail. Well if they have the password as you indicated above, there isn't a whole lot to "compromising" the account, is there? - -- Chris Hilts tassium@xxxxxxxxxxxxxxxx SquirrelMail Developer Gun Control: Belief that violent predators willing to ignore laws against robbery, kidnapping, rape, and murder will obey a law telling them that they cannot do so with a gun. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (MingW32) iD8DBQFHREK398ixrK2vMtARAnhxAJsEreQsGa2cGhshC4Khbl1tNlLOYwCaAx7L UWPEFCxjhb9t1z/dde2yFNg= =p0LX -----END PGP SIGNATURE----- ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
