Sorry for the repost, I didn't change the subject last time. Also, I forgot to
mention I'm on the last release of iMail before ICS. Also, this version is in
plaintext... thanks!
Hey guys,
I recently received an abuse complaint, concerning a message sent from one of
our iMail servers.
and Systems Engineer | Bullhorn Inc. | 617.464.2440
x119 | www.bullhorn.com
-Original Message-
From: [EMAIL PROTECTED]
To: IMail_Forum@list.ipswitch.com ;
Sent: Mar 17, 2005 03:20:33 PM
Subject: [IMail Forum] Have I been owned?
Hey guys,
I recently received an abuse complaint
I recently received an abuse complaint, concerning a message sent from one
of our iMail servers. This is very strange...
One question: Was there a Received: header added by the complainer's
mailserver (or another mailserver they trust), that has your IP as the
source of the E-mail?
If not,
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chase Seibert
Sent: Thursday, March 17, 2005 2:19 PM
To: IMail_Forum@list.ipswitch.com
Subject: [IMail Forum] Have I been owned?
Sorry for the repost, I didn't change the subject last time. Also, I
forgot to mention I'm
@list.ipswitch.com
Subject: RE: [IMail Forum] Have I been owned?
Here are the headers, un-obfuscated. One thing I just noticed:
Received: from atlasadvancement.com (mail1.bullhorn.com = [209.202.131.100])
My server would not identify itself as atlasadvancement.com, even if it was
owned. It's internal name
Grady [EMAIL PROTECTED] To: "IMail_Forum@list.ipswitch.com" <IMAIL_FORUM@LIST.IPSWITCH.COM>;Sent: Mar 17, 2005 03:28:49 PMSubject: RE: [IMail Forum] Have I been owned?Have you upgraded to protect against the IMAP exploit? Sincerely, Tom Grady General Manager - eBASE, LLC
PROTECTED]
To: IMail_Forum@list.ipswitch.com ;
Sent: Mar 17, 2005 03:38:55 PM
Subject: Re: [IMail Forum] Have I been owned?
I recently received an abuse complaint, concerning a message sent from one
of our iMail servers. This is very strange...
One question: Was there a Received: header added
I had a similar instance a couple of weeks ago. It sounds like the same
deal. A hacker broke through and set up a proxy on 4 servers allowing the
email to be sent through our Imail server to the tune of about 50K of
messages per hour per server.
Check your systems to be sure you do not have any