KAM, please do not top post. Please review the mailing list posting guidelines.

>> I am using squirrelmail 1.4.17
>> I have a user whose password was compromised in some way and the
>> squirrelmail
>> server started sending out spam email every second or so. (using
>> sendmail).
>> I also got in the logs this warning -
>> Authentication-Warning: machinename: apache set sender to some name
>> using -f.
>>
>> Can you recommend a way to prevent a recurrence of this.

<snip>

> B) use randomly generated passwords. For example, this site came up
> from a quick Google search: http://www.thebitmill.com/tools/password.html

Or just enforce strong password rules in your password change backend.

> C) To allow the apache user to send emails using -f (essentially forging
> the name) without a warning, add this to your sendmail.mc and compile
> the cf.
>
> define(`confTRUSTED_USERS', `apache') dnl
>
> There is also a way to use a file called /etc/mail/trusted-users for
> example that can contain trusted users depending on your installation.

Or just turn off the ability of users to change their email address in SquirrelMail. However, I don't think the spammer would care too much if they had to send directly from the compromised user's email address. Instead, I'd recommend getting some throttle controls installed in your MTA, or if SquirrelMail is the only way to access the account (no direct access to SMTP), then you can install the Squirrel Logger plugin which warns you of this situation, or Restrict Senders which can detect this activity and deactivate the account immediately (automatically). You should also have the Lockout and/or CAPTCHA plugins installed if you think the password guess happened by using the SquirrelMail login page.

Please search before asking -- these questions have come up numerous times before.

-- 
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php
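
Added example, not part of the original message and not SquirrelMail or sendmail code: a small log check that flags the "every second or so" pattern described in the thread by counting the quoted Authentication-Warning lines per local user in a sliding window. The syslog line layout, host names, addresses, queue IDs and the limit of 10 per 60 seconds are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# The warning quoted in the thread, in classic syslog framing (assumed layout).
WARNING_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ \S+: "
    r"(?:\S+: )?Authentication-Warning: \S+: "
    r"(?P<user>\S+) set sender to (?P<sender>\S+) using -f"
)

def find_bursts(lines, limit=10, window=timedelta(seconds=60), year=2000):
    """Map each local user to (time, senders) when it first exceeds `limit`
    '-f' submissions inside `window`. Syslog omits the year, so one is assumed."""
    recent = defaultdict(deque)   # local user -> (time, sender) inside the window
    flagged = {}
    for line in lines:
        m = WARNING_RE.match(line)
        if not m:
            continue
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["user"]]
        q.append((when, m["sender"]))
        while when - q[0][0] > window:
            q.popleft()
        if len(q) > limit and m["user"] not in flagged:
            # The envelope sender is whatever the webmail identity was set to,
            # so report it as a lead, not as proof of which account was abused.
            flagged[m["user"]] = (when, sorted({s for _, s in q}))
    return flagged

def _line(sec, sender):
    """Build one constructed log line `sec` seconds after 12:00:00."""
    return (f"Jun 10 12:{sec // 60:02d}:{sec % 60:02d} mail sendmail[4242]: "
            "q5AG0000004242: Authentication-Warning: mail.example.com: "
            f"apache set sender to {sender} using -f")

# Constructed sample: two ordinary sends, an unrelated line, then one per second.
SAMPLE = (
    [_line(0, "bob@example.com"), _line(300, "carol@example.com")]
    + ["Jun 10 12:06:00 mail sendmail[4243]: q5AG0000004243: stat=Sent"]
    + [_line(600 + i, "alice@example.com") for i in range(15)]
)

if __name__ == "__main__":
    for user, (when, senders) in find_bursts(SAMPLE).items():
        print(f"{when:%b %d %H:%M:%S} {user} exceeded the limit; senders: {senders}")
```

If `apache` is added to the trusted users as suggested in the quoted text, sendmail no longer writes this warning, so a check like this one stops seeing the submissions.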