I would start by checking the ip adress that user logged in with.
On 02/08/2018 07:10 PM, Jorge Bastos wrote: > > Howdy, > > > > I have a verrryyyyy odd thing happening. > > I have an user, unknown, that is in my users table, for a domain > */_that isn’t mine, and never was._/* > > This records keep’s having last_login fields updated, so someway he’s > being able to login right? > > > > > > Odd to see that the field after the datetime fields (that is the > failed_login_count) is zero, > > > > Is there any plugin or so to records the IP from which the logins are > made? > > Where to search for this possible breach? > > > > Regards, > > > > _______________________________________________ > Roundcube Users mailing list > [email protected] > http://lists.roundcube.net/mailman/listinfo/users
_______________________________________________ Roundcube Users mailing list [email protected] http://lists.roundcube.net/mailman/listinfo/users
