> On Tue, Jul 1, 2008 at 7:39 PM, Res <res@xxxxxxxxxx> wrote: >> On Tue, 24 Jun 2008, Brant Wells wrote: >> >>> Hi All, >>> >>> I have recently noticed a steady stream of email leaving my server that appears >>> to be from >>> my Squirrel Mail users. I upgraded from 1.4.10 to 1.4.15 in an effort to fix >>> the issue. It >>> went away for a couple of days, but is back now. >> >> I wont go over what others have said about it not being an MTA etc, as its > > <snip> > > And, as always, there are plugins that can help you identify when you > have an account on your server that has been compromised and is being > used to send spam. The best tools for this are your own server logs, > possibly augmented by the "Squirrel Logger" plugin, but if you could > also check out the "Restrict Senders" plugin and if you are trying to > be proactive against password attacks, etc., you can try the "CAPTCHA" > and "Lockout" plugins too. > even if you are right it does not help so much since the MTA should be configured to mail correctly so it does not matter if some else use the account because the spam origin comes back in first place to the relaying mta not to the user so it does not matter if you have users trying to send spam or not so long as your mta is "vacinated" against such attemps - so doen't matter if it is a legitimate user or not. I mean you try bringing the cow down with it's tail when trying to fight passwd attempts, on mta level you get it by it's horns I guess most attempts faking sm origin are not coming from the sm instalation itself but they are faked by relay attempts so with proper relay protection of your MTA all this goes away a good and easy protection is the greeting relay in first place and rate limit in second and then recepient limit count as third and so most spam/relay attempts are gone then michel **************************************************** Tecnologia Internet Matik http://info.matik.com.br Sistemas Wireless para o Provedor Banda Larga Hospedagem e Email personalizado - e claro, no Brasil. **************************************************** ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
