Hi List I wonder if others have also stumbled over the password "Mylove@1".
We use RoundCube as Webmail. We have 'stupid' customers, who give away their email password by answering to phishing emails or just simply are victims of trojans stealing their credentials. Subsequently those accounts get abused to send spam but our automatic monitoring usually quickly detects them and disables SMTP Submission resulting in a 5XX error indicating to the customer to change his password. We offer to change the password with a widely used RoundCube 'Password' Plugin, which also unblocks SMTP. And it looks like one spamer has specialized in automatizing this. He spams until he is getting automatically blocked, then logs in to Roundcube, re-sets the Password and restarts spaming usually taking measures like only using one single IP and lowering the send-rate to such an amount not to get detected by our system anymore. I wonder if there are such highly sophisticated bots around, that do this all automatically of if one spamer does love our email plattform so much despite we still locking him out eventually by manually changing the password of the affected account, so he cannot log in to RoundCube anymore without knowing the set password. Our system also rate limits down his sending speed, so I guess we would not be very lucrative for him. But still we find one such an abused account about twice a month. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________ _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
