On 05/24/2011 01:05 PM, Arjen de Korte wrote:
Something very similar is already available in Horde through the Permission
system where you can add IMP, specify the number of recipients per message
(max_recipients) and total recipients per time unit (max_timelimit). You need to
have the Outgoing
Quoting Götz Reinicke - IT-Koordinator :
Am 24.05.11 21:40, schrieb Andrew Morgan:
On Tue, 24 May 2011, Götz Reinicke - IT-Koordinator wrote:
Hi,
I did not find the compromised account yet, but I see a lot off messages
like the following one in our logs:
/var/log/httpd/ssl_request_log.1:[21
Am 24.05.11 21:40, schrieb Andrew Morgan:
> On Tue, 24 May 2011, Götz Reinicke - IT-Koordinator wrote:
<...>
> One thing I forgot to mention about identifying compromised accounts -
> the spammers like to put the content of their message (the spam) into
> the user's signature block. That simplifi
Am 24.05.11 21:40, schrieb Andrew Morgan:
> On Tue, 24 May 2011, Götz Reinicke - IT-Koordinator wrote:
>
>> Hi,
>>
>> I did not find the compromised account yet, but I see a lot off messages
>> like the following one in our logs:
>>
>> /var/log/httpd/ssl_request_log.1:[21/May/2011:01:10:54 +0200]
On Tue, 24 May 2011, Götz Reinicke - IT-Koordinator wrote:
Hi,
I did not find the compromised account yet, but I see a lot off messages
like the following one in our logs:
/var/log/httpd/ssl_request_log.1:[21/May/2011:01:10:54 +0200]
74.82.171.30 TLSv1 RC4-MD5 "POST
/horde/imp/compose.php?uniq
Citeren Andy Dorman :
1. We run memcache on the horde servers. We then added local code
to horde/imp/lib/Compose.php to save and update a 24 hour count of
recipients in memcache for a sender.
Then when a sender hits the 24 hr limit or a limit for the number of
addresses in a single email
Quoting Andy Dorman :
Also, the domain admin can also look at the email and if it is
really spam, they can quickly shut down the spammer.
Off-topic - I like to know how much spam they would have sent, so when
I verify it's spam I redirect their outgoing mail to /dev/null but
continue to
On 05/24/2011 07:53 AM, � wrote:
Hi,
I did not find the compromised account yet, but I see a lot off messages
like the following one in our logs:
/var/log/httpd/ssl_request_log.1:[21/May/2011:01:10:54 +0200]
74.82.171.30 TLSv1 RC4-MD5 "POST
/horde/imp/compose.php?uniq=721hskg326yc HTTP/1.1" 92
Hi,
I did not find the compromised account yet, but I see a lot off messages
like the following one in our logs:
/var/log/httpd/ssl_request_log.1:[21/May/2011:01:10:54 +0200]
74.82.171.30 TLSv1 RC4-MD5 "POST
/horde/imp/compose.php?uniq=721hskg326yc HTTP/1.1" 92
/var/log/httpd/ssl_request_log.1:[