On Wed, November 21, 2007 10:00 am, Vernon A. Fort wrote:
> Chris Hilts wrote:
>> Well if they have the password as you indicated above, there isn't a
>> whole lot to "compromising" the account, is there?
>>
>>
> This is TRUE - it appears they did have the password but I am trying to
> find any known exploit in the authentication method. Looking at the
> email, a deferred message in the queue using postcat, it did come from
> through the squirrelmail interface. I also installed the
> restrict_sender plugin after the first attack and it send/logged
> (assumed it blocked) the next three mass-mail attempts.
>
> I'm leaning towards a user using a public PC which had a key-logger and
> or Trojan. Any other suggestions are welcome. All the PHP settings are
> in accordance to the documentation on the squirrelmail website.

I suggest that you use only https logins, as others have suggested.

For added security from keyloggers when using public computers, I recommend the plugin Vkeyboard (virtual keyboard). It enables a user to enter the password by clicking on a graphical keyboard rather than typing. It also randomizes the keyboard layout each time.

Unfortunately the author went a little overboard with security in recent versions, making it marginally more secure but much more awkward to use. I use an earlier version, which IIRC is still available for download from the SM site. (I was going to include the URL for you, but the SM plugins page seems inaccessible ATM.)
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users