Le 09/01/2016 06:39, amutoti a écrit : > I am using SquirrelMail version 1.4.8-21.el5.centos for webmail and one of my > users when trying to send email via webmail it does not send using his real > account but instead the is what his recipients will receive in their inbox; > > > Email address: Mrs.Lola Sanchez <info@xxxxxxxx> > > > Message body: > > > Dear Respected > > > I am Mrs.Lola Sanchez,manager bills and exchange at the foreign remittance > department of La_caixa bank Madrid.I have a business suggestion for you.It > involve the transfer of($ 15.2 million US Dollar).if interested please reach > me on(mrslolasan003@xxxxxx) with more details of this operation. > Kind Regards, > > > Mrs Lola Sanchez. > > > However this does not happen when he is using Microsoft Outlook > > > > > -- > View this message in context: http://squirrelmail.5843.n7.nabble.com/Squirrellmail-user-account-compromised-tp26228.html > Sent from the squirrelmail-users mailing list archive at Nabble.com. > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 > ----- > squirrelmail-users mailing list > Posting guidelines: http://squirrelmail.org/postingguidelines > List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx > List archives: http://news.gmane.org/gmane.mail.squirrelmail.user > List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users > Hi, You need to find where the malware is operating. Here are a few stuff to verify (without any order): - Is the end user's computer clean? - Try to send out a message from another account, and from another client computer; - (In case of Windows client) Reset the user's Windows profile; - Don't you have a malicious SM plugin installed? - Was your SM installation altered by a malware? Check files timestamps and/or md5 sums. - Install a new SM instance and ask the user to use it. - (In case of Unix authentication) Is the user's Unix account healthy? Regards, Julien ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
