On Mar 3, 2009, at 3:32, "Benny Pedersen" wrote:
On Mon, March 2, 2009 17:27, Joseph Brennan wrote:
LuKreme wrote:
unless you are suggesting that they are MANUALLY logging into the
webmail to then send 1 billion spams, yes it will.
bots can do anything when login and password is known to th
We're seeing some of this too. The Nigerian phishes for a few accounts
here and there probably acquired from a spammer email list, and uses one
webmail system to email users on their other webmail system. They send
something official looking asking for passwords, banking numbers, birth
dates, e
On Mon, March 2, 2009 17:27, Joseph Brennan wrote:
> LuKreme wrote:
>> unless you are suggesting that they are MANUALLY logging into the
>> webmail to then send 1 billion spams, yes it will.
bots can do anything when login and password is known to them
> That is an interesting point. OK. I do
LuKreme wrote:
unless you are suggesting that they are MANUALLY logging into the
webmail to then send 1 billion spams, yes it will.
That is an interesting point. OK. I don't know whether they do a
manual login to get a session open before they run the software they
use to dump spam.
Jose
Envelope-To tuple? In that way AWL
> will much better track habits of users.
>
> Or if anybody had same problems I'm open to any suggestions.
>
> Regards,
> Giga
>
> --
> View this message in context:
> http://www.nabble.com/Webmail-spammers-tp22273077p22273077.html
> Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
>
>
giga328 writes:
> I looked at Received headers and unfortunately, Received headers added by
> our webmail are not standard ones. Except for the proxy.IP in the following
> example, all IPs and all FQDNs are from our servers. Here is the (ugly)
> example:
>
> Received: from our.domain ([our.webma
Am 2009-03-01 13:04:49, schrieb LuKreme:
> unless you are suggesting that they are MANUALLY logging into the
> webmail to then send 1 billion spams, yes it will.
Break them out, by allowing to send only 10 messages per hour from the
Webinterface... This is what I do here and it works quiet we
Am 2009-03-01 15:31:45, schrieb giga328:
>
> Nice idea. We were considering this for a long time because our mail server
> has built in support for email throttling. Luckily for me, configuring it
> will be done by my colleague as it is his part of the job. Tomorrow morning
> I will happily inform
und SMTP and do per user (e-mail)
> thresholds. So if you have a exploited account the damage is minimal.
>
> Bye,
> Raymond.
>
>
--
View this message in context:
http://www.nabble.com/Webmail-spammers-tp22273077p22279634.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
sage in context:
http://www.nabble.com/Webmail-spammers-tp22273077p22279565.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
dding a
> Received: header to show that, and that would enable spamassassin to
> look up the previous hop list in RBLs.
>
>
--
View this message in context:
http://www.nabble.com/Webmail-spammers-tp22273077p22279486.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
On 1-Mar-2009, at 12:50, Joseph Brennan wrote:
If your users are consistently getting their passwords stolen,
then your
users are idiots and you will need to do something like add a
captcha to
the webmail login page.
If it's the Nigerian gangs that have been attacking university web
mai
If your users are consistently getting their passwords stolen, then your
users are idiots and you will need to do something like add a captcha to
the webmail login page.
If it's the Nigerian gangs that have been attacking university web mail
for about 12 months now, they are phishing your
On 1-Mar-2009, at 06:47, giga328 wrote:
Spammers are stilling passwords from some of our users by using
viruses
(passwords are stolen, not guessed or brute force cracked).
Spammers have application which is able to authenticate to our webmail
interface and post email :)
If your users are con
giga328 writes:
> After posting email by webmail interface, message is routed to our outgoing
> SMTP server. It is scanned by spamd from SpamAssassin but it get low score.
> Low score is from tests ALL_TRUSTED and/or BAYES_xx and/or AWL.
> I'm not sure if we can remove webmail IP address from tr
Hi!
We have some strong spam attacks done by combination of our webmail, viruses
and open proxies.
Situation is like this:
Our outgoing SMTP server is open only for users from our IP addresses and is
filtered for rest of the world. Our webmail interface is open to whole world
as our users need
On Sun, March 1, 2009 14:47, giga328 wrote:
> We have some strong spam attacks done by combination of our webmail,
> viruses and open proxies.
do you just trust email senders if thay are loged in to not spam
check it before leaving your network ?
(rest skipped]
--
http://localhost/ 100% uptime
is message in context:
http://www.nabble.com/Webmail-spammers-tp22273077p22273077.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
18 matches
Mail list logo
