I appreciate the answer but dont see how it relates to the question.
Do you know if there are any known hacks or problem with webmail?
1. Not a ton of messages when out- less then 500.
2. The users reply address and name was updates.
3. Only a few failed logins for the account.
I am pretty sure that the users computer got compromised and they got
his info that way.
The IP used to connect came from Nigeria.
Sanford Whiteman wrote:
Is there any known hacks or problems with the webmail? I see that
they updated the user name and reply address.
Such a compromise is usually due to easily-guessed passwords (same as
username, 'password', etc.). Once you've got that info, sending a ton
of messages using HTTP scripting -- not the webmail per se -- is a
cinch.
Have you spoken with the user to be sure this was not the case? Users
can sometimes be embarrassed to admit it.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/
Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases!
http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/
http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/
To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html
