Re: [SM-USERS] ***Spam***Re: I keep getting logged out of webmail

On Wed, May 5, 2021 03:43, Markus Robert Kessler wrote: > Hi James, hi Paul, > > maybe this is a cookie-problem within firefox. > > Could you please verify that the squirrelmail cookie is there and is valid > when you are logged out? I will check the browser's cookie cache the next time it happ

Re: [SM-USERS] ***Spam***Re: Another HTML email oddity

The version we have is SquirrelMail version 1.4.23 [SVN] which is packaged by the port maintainer at FreeBSD. This problem does not occur for every html message. Most show the html display button and can be switched to the html view. But some do not. Thank you for your attention to the matter.

Re: [SM-USERS] ***Spam***Re: Inline css renders squiremail headers illegible

On Wed, June 17, 2020 23:12, Paul Lesniewski wrote: > Also, please make sure you're running a 1.4.23 snapshot newer than > 2020-01-06 which contains a fix I made for things like this. If it's > still broken, note that v1.5.2 uses an iframe to try and better isolate > css for the message body.

Re: [SM-USERS] Spam on my squirrelmail server

Ted, you´re absolutely right... I have already installed the captcha plugin and i will try with the restrict_senders... Thank you very much for all your help guys! Regards -- View this message in context: http://squirrelmail.5843.n7.nabble.com/Spam-on-my-squirrelmail-server-tp25799p25807.htm

Re: [SM-USERS] Spam on my squirrelmail server

On Tue, 8 Apr 2014, difuntos wrote: > Thanks a lot to everyone. I?ve found that an account was hacked and they were > sending spam from that account. > > The thing is that they were using another mail address to send (they changed > it in the "Personal Information" option). > > So, i was wondering.

Re: [SM-USERS] Spam on my squirrelmail server

I don't know if you've already tried RTFM, but: bool $edit_name (line 598) Identity Controls If you don't want to allow users to change their email address then you can set $edit_identity to false, if you want them to not be able to change their full name too then set $edit_name to false as well.

Re: [SM-USERS] Spam on my squirrelmail server

Thanks a lot to everyone. I´ve found that an account was hacked and they were sending spam from that account. The thing is that they were using another mail address to send (they changed it in the "Personal Information" option). So, i was wondering...is there any way to take out that options fro

Re: [SM-USERS] Spam on my squirrelmail server

On Mon, 7 Apr 2014, difuntos wrote: > Hello, im having a security issue in my squirrelmail server : > > Some spammers are sending spam from my server (it?s also my SMTP server). > > I have configured sendmail exactly the same as others servers that do not > have this problems, so im guessing it?s a

Re: [SM-USERS] Spam on my squirrelmail server

The thing is that the offending account is an external mailnothing to do with my domain accounts. Some spammers are using the server, but not the accounts, because my pop server i somewhere else... -- View this message in context: http://squirrelmail.5843.n7.nabble.com/Spam-on-my-squir

Re: [SM-USERS] Spam on my squirrelmail server

On Mon, Apr 7, 2014 at 11:46 AM, difuntos wrote: > Hello, im having a security issue in my squirrelmail server : > > Some spammers are sending spam from my server (it´s also my SMTP server). > > I have configured sendmail exactly the same as others servers that do not > have this problems, so im g

[SM-USERS] Spam on my squirrelmail server

Hello, im having a security issue in my squirrelmail server : Some spammers are sending spam from my server (it´s also my SMTP server). I have configured sendmail exactly the same as others servers that do not have this problems, so im guessing it´s a squirrelmail bug. Here is an example of one

[SM-USERS] [SPAM] Re: fetch mail plugin data location?

I do not mean to step on anyone toes here just wanting to see if this is post needs some clarification or not as to what the term data refers to: Are you referring to the users mail data or users custom settings data? If its the email data itself, thats kept in the mail servers Inbox or on the

Re: [SM-USERS] [SPAM] Squirrelmail-users, Win Rs. 50,000 this may!

> Binny Mandvia has invited you to join YouMint, where you can get Free > mobile recharge instantly! I've added the moderation flag to this mailinglist member. If we continue to receive junk mail from this member, the address will be removed. Please contact the mailinglist administrator if this is

Re: [SM-USERS] spam from my mail server

Hello, Am 2010-02-13 09:23:07, schrieb Chris Hilts: > More importantly, tell them that you'll never need to ask them for their > password. Anyone asking for their password is a thief and a liar. > > That's what I tell them, anyway. This is a part of the Messages too... However, I have curently

Re: [SM-USERS] spam from my mail server

On 2/13/2010 7:04 AM, Michelle Konzack wrote: > Hello Simon, > > I am 99% sure it was a phishing attack against you users. > > I have currently over 300 accounts runing on my corporated domain and > told ALL USERS, that I will never send (admin) messages without there > full First- and Fami

Re: [SM-USERS] spam from my mail server

Hello Simon, I am 99% sure it was a phishing attack against you users. I have currently over 300 accounts runing on my corporated domain and told ALL USERS, that I will never send (admin) messages without there full First- and Family-Name, to identify, the Mail is comeing realy from me. Th

Re: [SM-USERS] spam from my mail server

> 2010/2/12 : >> Dear All, >> >> I Have the following setup running for a couple of years without any >> problem. >> >> Centos 5 >> sendmail-8.13.8-2.el5 >> httpd-2.2.3-11.el5_1 >> squirrelmail-1.4.17 >> MailScanner 4.76.25 >> Mailwatch 1.04 >> >> Just yesterday I found a huge spam being originat

Re: [SM-USERS] spam from my mail server

2010/2/12 : > Dear All, > > I Have the following setup running for a couple of years without any problem. > > Centos 5 > sendmail-8.13.8-2.el5 > httpd-2.2.3-11.el5_1 > squirrelmail-1.4.17 > MailScanner 4.76.25 > Mailwatch 1.04 > > Just yesterday I found a huge spam being originated from my Mail Se

Re: [SM-USERS] spam from my mail server

On Feb 12, 2010, at 12:19 PM, si...@kmun.gov.kw wrote: > I do can understand if one user had his password being cracked or probably > a virus on his PC could have changed his personal information squirrel > mail. > > But its about 10 different local email users who had their personal > Informati

[SM-USERS] spam from my mail server

Dear All, I Have the following setup running for a couple of years without any problem. Centos 5 sendmail-8.13.8-2.el5 httpd-2.2.3-11.el5_1 squirrelmail-1.4.17 MailScanner 4.76.25 Mailwatch 1.04 Just yesterday I found a huge spam being originated from my Mail Server and my mqueue had over 800 em

Re: [SM-USERS] Spam Through SM?

On Wed, Jul 16, 2008 at 7:46 AM, Rob Wright <[EMAIL PROTECTED]> wrote: > Greetings, > > I know this topic has been beaten to death but I'm asking for a review of some > spam complaints we've received from AOL. We got a slew of these last Summer, > installed the CAPTCHA plugin and killed them dead.

Re: [SM-USERS] Spam Through SM?

Rob Wright wrote: > Greetings, > > I know this topic has been beaten to death but I'm asking for a review of > some > spam complaints we've received from AOL. We got a slew of these last Summer, > installed the CAPTCHA plugin and killed them dead. Now we're getting them > again and I just want

Re: [SM-USERS] Spam Through SM?

Rob Wright wrote: > Greetings, > > I know this topic has been beaten to death but I'm asking for a review of > some > spam complaints we've received from AOL. We got a slew of these last > Summer, > installed the CAPTCHA plugin and killed them dead. Now we're getting them > again and I just want t

[SM-USERS] Spam Through SM?

Greetings, I know this topic has been beaten to death but I'm asking for a review of some spam complaints we've received from AOL. We got a slew of these last Summer, installed the CAPTCHA plugin and killed them dead. Now we're getting them again and I just want to be sure that I'm reading righ

Re: [SM-USERS] spam

Please do not top-post. Read our mailing list posting guidelines if you don't know what that means. > > > What is the best scenario to fight spam from within Squirrelmail? I am > > not > > > > This question is too generic. You have to know HOW you want to fight > > spam. There are all kinds

Re: [SM-USERS] spam

19:15 Aan: Squirrelmail User Support Mailing List Onderwerp: Re: [SM-USERS] spam > What is the best scenario to fight spam from within Squirrelmail? I am not This question is too generic. You have to know HOW you want to fight spam. There are all kinds of different ways to do that, and the most fun

Re: [SM-USERS] spam

> What is the best scenario to fight spam from within Squirrelmail? I am not This question is too generic. You have to know HOW you want to fight spam. There are all kinds of different ways to do that, and the most fundamental ones involve installing software in the MTA, *not* in SquirrelMail.

[SM-USERS] spam

Hello, What is the best scenario to fight spam from within Squirrelmail? I am not afraid to install plugins, but I find the Spam-plugin-page completely incomprehensible. Some plugins seem old (can they still be used?) which plugins are compatible with each other and so on. Which is the best? I

Re: [SM-USERS] Spam filters

> Greetings > > Firstly, I am not a squirrelmail user, my email hosting > service is the user > > Secondly, I would like to know how to get my mail hosting > service to utilise a decent spam filter ? > > currently, I am expected to enter each spammers address > singly and individually, which wou

Re: [SM-USERS] Spam filters

On Tue, March 25, 2008 09:37, Stewart Montgomery wrote: > Greetings > > Firstly, I am not a squirrelmail user, my email hosting service is the > user > > Secondly, I would like to know how to get my mail hosting service to > utilise > a decent spam filter ? > > currently, I am expected to enter eac

[SM-USERS] Spam filters

Greetings Firstly, I am not a squirrelmail user, my email hosting service is the user Secondly, I would like to know how to get my mail hosting service to utilise a decent spam filter ? currently, I am expected to enter each spammers address singly and individually, which would take three hours

Re: [SM-USERS] [Spam] SECURITY: 1.4.12 Package Compromise

On Dec 14, 2007 2:15 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Hi, > > > I can see your point Paul, better to be safer than sorry ;) > > Just being paranoid: how about plugins? We don't currently provide md5 sums for them, but that wouldn't be a bad idea for the "new website" --

Re: [SM-USERS] [Spam] SECURITY: 1.4.12 Package Compromise

Hi, > I can see your point Paul, better to be safer than sorry ;) Just being paranoid: how about plugins? Thank you and best regards. Cássio - SF.Net email is sponsored by: Check out the new SourceForge.net Marke

Re: [SM-USERS] [Spam] SECURITY: 1.4.12 Package Compromise

On Dec 13, 2007 2:33 PM, Res <[EMAIL PROTECTED]> wrote: > Thanks Jon, if the MD5 passed on the package we downloaded back then, > would you still recommend replacing ? A diff -r shows no changes between > it and a fresh d/l.. In a situation like this, yes, it is always best to get a new download,

Re: [SM-USERS] Spam

> Does anyone out there know how we can block spam messages? There are some suggestions at: . SquirrelMail itself isn't intended to block spam on the client side, but several front ends (SquirrelMail plugins) are available for server side solutions (se

[SM-USERS] Spam

Does anyone out there know how we can block spam messages? Regards, Stephen ___ Stephen Smith Director Papillon Foundation +027 11 435 9799 or 0836174182 Website: www.papillonfoundation.com Disclaimer This email and any documents transmitted with it are confidential and are inten

Re: [SM-USERS] spam button plugin and locale

On Nov 16, 2007 5:26 PM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: > > Paul Lesniewski wrote: > > On Nov 16, 2007 3:52 PM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: > >> Paul Lesniewski wrote: > >>> On Nov 16, 2007 6:44 AM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: > I'm at the point where I'm ab

Re: [SM-USERS] spam button plugin and locale

Paul Lesniewski wrote: > On Nov 16, 2007 3:52 PM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: >> Paul Lesniewski wrote: >>> On Nov 16, 2007 6:44 AM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: I'm at the point where I'm able to manually execute spamc to train ham/spam to remote spamd servers an

Re: [SM-USERS] spam button plugin and locale

On Nov 16, 2007 3:52 PM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: > > Paul Lesniewski wrote: > > On Nov 16, 2007 6:44 AM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: > >> I'm at the point where I'm able to manually execute spamc to train > >> ham/spam to remote spamd servers and plugin's debug output

Re: [SM-USERS] spam button plugin and locale

Paul Lesniewski wrote: > On Nov 16, 2007 6:44 AM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: >> I'm at the point where I'm able to manually execute spamc to train >> ham/spam to remote spamd servers and plugin's debug output shows correct >> commands and syntax to do the same, however the web servers

Re: [SM-USERS] spam button plugin and locale

On Nov 16, 2007 6:44 AM, Lenny Shovsky <[EMAIL PROTECTED]> wrote: > I'm at the point where I'm able to manually execute spamc to train > ham/spam to remote spamd servers and plugin's debug output shows correct > commands and syntax to do the same, however the web servers produce this > error, which

[SM-USERS] spam button plugin and locale

I'm at the point where I'm able to manually execute spamc to train ham/spam to remote spamd servers and plugin's debug output shows correct commands and syntax to do the same, however the web servers produce this error, which seems to be the show stopper for the interface to do the training. "coul

Re: [SM-USERS] Spam Sent From WebMail

Nick Bright-2 wrote: > > My attempted suggestion was merely "hey, could this particular method be > broken by changing part X". Your answer is obviously "No, it can't", so > lets just leave it at that. > There are two ways to submit form information in HTML. POST and GET. GET is not allowed

Re: [SM-USERS] Spam Sent from WebMail

Tomas Kuliavas wrote: Installed Plugins 1. delete_move_next 2. squirrelspell 3. newmail 4. mpppolicygroup 5. quota_usage Available Plugins: 6. translate 7. compatibility 8. spamcop 9. sent_subfolders

Re: [SM-USERS] Spam Sent From WebMail

Hallo, Paul, Du (paul) meintest am 09.10.07: > On 10/9/07, Paul Lesniewski <[EMAIL PROTECTED]> wrote: >> On 10/9/07, Nick Bright <[EMAIL PROTECTED]> wrote: >>> Paul Lesniewski wrote: Please do NOT top-post and try to use correct reply quoting. On 10/9/07, Brent <[EMAIL PROTECTED]>

Re: [SM-USERS] Spam Sent from WebMail

>>> Installed Plugins >>> 1. delete_move_next >>> 2. squirrelspell >>> 3. newmail >>> 4. mpppolicygroup >>> 5. quota_usage >>> >>> Available Plugins: >>> 6. translate >>> 7. compatibility >>> 8. spamcop >>> 9. sent_subfolders >>> 10. check_quota >> >> Ver

Re: [SM-USERS] Spam Sent From WebMail

On 10/9/07, Paul Lesniewski <[EMAIL PROTECTED]> wrote: > On 10/9/07, Nick Bright <[EMAIL PROTECTED]> wrote: > > Paul Lesniewski wrote: > > > Please do NOT top-post and try to use correct reply quoting. > > > > > > On 10/9/07, Brent <[EMAIL PROTECTED]> wrote: > > >> I had this exact issue. It ended

Re: [SM-USERS] Spam Sent From WebMail

On 10/9/07, Nick Bright <[EMAIL PROTECTED]> wrote: > Paul Lesniewski wrote: > > Please do NOT top-post and try to use correct reply quoting. > > > > On 10/9/07, Brent <[EMAIL PROTECTED]> wrote: > >> I had this exact issue. It ended up being one exploited account. The IP > >> addresses connecting

Re: [SM-USERS] Spam Sent From WebMail

>>On 10/9/07, Brent <[EMAIL PROTECTED]> wrote: >> I had this exact issue. It ended up being one exploited account. The IP >> addresses connecting to the account were from various APNIC blocks. I would >> block one IP and it would move to another... suggesting that it was some >> kind of bot - ho

Re: [SM-USERS] Spam Sent From WebMail

Paul Lesniewski wrote: On 10/9/07, Nick Bright <[EMAIL PROTECTED]> wrote: Paul Lesniewski wrote: On 10/9/07, Ken A <[EMAIL PROTECTED]> wrote: Nick Bright wrote: Ken A wrote: Nick Bright wrote: Per some suggestions in the thread I was able to determine that they are not using "mailto.php",

Re: [SM-USERS] Spam Sent From WebMail

Paul Lesniewski wrote: Please do NOT top-post and try to use correct reply quoting. On 10/9/07, Brent <[EMAIL PROTECTED]> wrote: I had this exact issue. It ended up being one exploited account. The IP addresses connecting to the account were from various APNIC blocks. I would block one IP an

Re: [SM-USERS] Spam Sent from WebMail

Nick Bright wrote: > Ken A wrote: >> Nick Bright wrote: >>> Tomas Kuliavas wrote: >> Have you tried to protect your webmail traffic? Signed SSL certificate costs less than 20 USD. >>> I'd expect they support SSL on their end, this probably wouldn't make >>> any difference. >> >> The diff

Re: [SM-USERS] Spam Sent From WebMail

Brent wrote: > I had this exact issue. It ended up being one exploited account. The IP > addresses connecting to the account were from various APNIC blocks. I would > block one IP and it would move to another... suggesting that it was some > kind of bot - however, I added the captcha plugin and

Re: [SM-USERS] Spam Sent From WebMail

Please do NOT top-post and try to use correct reply quoting. On 10/9/07, Brent <[EMAIL PROTECTED]> wrote: > I had this exact issue. It ended up being one exploited account. The IP > addresses connecting to the account were from various APNIC blocks. I would > block one IP and it would move to a

Re: [SM-USERS] Spam Sent from WebMail

Ken A wrote: Nick Bright wrote: Tomas Kuliavas wrote: Have you tried to protect your webmail traffic? Signed SSL certificate costs less than 20 USD. I'd expect they support SSL on their end, this probably wouldn't make any difference. The difference is that fewer passwords could easily be

Re: [SM-USERS] Spam Sent From WebMail

On 10/9/07, Nick Bright <[EMAIL PROTECTED]> wrote: > Paul Lesniewski wrote: > > On 10/9/07, Ken A <[EMAIL PROTECTED]> wrote: > >> Nick Bright wrote: > >>> Ken A wrote: > Nick Bright wrote: > > > Per some suggestions in the thread I was able to determine that they are > > not using

Re: [SM-USERS] Spam Sent from WebMail

Nick Bright wrote: > Tomas Kuliavas wrote: >> Have you tried to protect your webmail traffic? Signed SSL certificate >> costs less than 20 USD. > > I'd expect they support SSL on their end, this probably wouldn't make > any difference. The difference is that fewer passwords could easily be stol

Re: [SM-USERS] Spam Sent From WebMail

I had this exact issue. It ended up being one exploited account. The IP addresses connecting to the account were from various APNIC blocks. I would block one IP and it would move to another... suggesting that it was some kind of bot - however, I added the captcha plugin and they kept logging in!

Re: [SM-USERS] Spam Sent from WebMail

Paul Lesniewski wrote: On 10/9/07, Tomas Kuliavas <[EMAIL PROTECTED]> wrote: CentOS 4.5 w/ squirrelmail-1.4.8-4.0.1.el4.centos. Plugins are: CVE-2006-6142, CVE-2007-1262, CVE-2007-2589. Please note that html filtering functions must be patched to 1.4.10+ level. Having only 1.4.9a patches is not

Re: [SM-USERS] Spam Sent From WebMail

Paul Lesniewski wrote: On 10/9/07, Ken A <[EMAIL PROTECTED]> wrote: Nick Bright wrote: Ken A wrote: Nick Bright wrote: Per some suggestions in the thread I was able to determine that they are not using "mailto.php", but rather compose.php: /var/log/httpd/access_log:196.1.179.183 - - [07/Oct

Re: [SM-USERS] Spam Sent from WebMail

Tomas Kuliavas wrote: CentOS 4.5 w/ squirrelmail-1.4.8-4.0.1.el4.centos. Plugins are: CVE-2006-6142, CVE-2007-1262, CVE-2007-2589. Please note that html filtering functions must be patched to 1.4.10+ level. Having only 1.4.9a patches is not enough. If changelog says that CVE-2006-6142 is fixed,

Re: [SM-USERS] Spam Sent From WebMail

Ken A wrote: Nick Bright wrote: Ken A wrote: Nick Bright wrote: Per some suggestions in the thread I was able to determine that they are not using "mailto.php", but rather compose.php: /var/log/httpd/access_log:196.1.179.183 - - [07/Oct/2007:21:54:10 -0500] "GET /webmail/src/compose.php?mail

Re: [SM-USERS] Spam Sent from WebMail

On 10/9/07, Tomas Kuliavas <[EMAIL PROTECTED]> wrote: > > CentOS 4.5 w/ squirrelmail-1.4.8-4.0.1.el4.centos. Plugins are: > > CVE-2006-6142, CVE-2007-1262, CVE-2007-2589. Please note that html > filtering functions must be patched to 1.4.10+ level. Having only 1.4.9a > patches is not enough. If cha

Re: [SM-USERS] Spam Sent From WebMail

On 10/9/07, Ken A <[EMAIL PROTECTED]> wrote: > Nick Bright wrote: > > Ken A wrote: > >> Nick Bright wrote: > >> > >>> Per some suggestions in the thread I was able to determine that they are > >>> not using "mailto.php", but rather compose.php: > >>> > >>> /var/log/httpd/access_log:196.1.179.183 -

Re: [SM-USERS] Spam Sent from WebMail

> CentOS 4.5 w/ squirrelmail-1.4.8-4.0.1.el4.centos. Plugins are: CVE-2006-6142, CVE-2007-1262, CVE-2007-2589. Please note that html filtering functions must be patched to 1.4.10+ level. Having only 1.4.9a patches is not enough. If changelog says that CVE-2006-6142 is fixed, check functions/mime.p

Re: [SM-USERS] Spam Sent From WebMail

Nick Bright wrote: > Ken A wrote: >> Nick Bright wrote: >> >>> Per some suggestions in the thread I was able to determine that they are >>> not using "mailto.php", but rather compose.php: >>> >>> /var/log/httpd/access_log:196.1.179.183 - - [07/Oct/2007:21:54:10 -0500] >>> "GET /webmail/src/compose.

Re: [SM-USERS] Spam Sent From WebMail

Ken A wrote: Nick Bright wrote: Per some suggestions in the thread I was able to determine that they are not using "mailto.php", but rather compose.php: /var/log/httpd/access_log:196.1.179.183 - - [07/Oct/2007:21:54:10 -0500] "GET /webmail/src/compose.php?mail_sent=yes HTTP/1.1" 200 37102 "htt

Re: [SM-USERS] Spam Sent from WebMail

Sorry to reopen a thread, but I am seeing the same issue as the original poster in this thread: http://sourceforge.net/mailarchive/message.php?msg_id=c11d02530709050557ldb78519i4cdecd1ea08dc368%40mail.gmail.com In that I am seeing spam sent through my SM install, packages are: CentOS 4.5 w/ squi

Re: [SM-USERS] Spam Sent From WebMail

Nick Bright wrote: > Per some suggestions in the thread I was able to determine that they are > not using "mailto.php", but rather compose.php: > > /var/log/httpd/access_log:196.1.179.183 - - [07/Oct/2007:21:54:10 -0500] > "GET /webmail/src/compose.php?mail_sent=yes HTTP/1.1" 200 37102 > "http://

Re: [SM-USERS] Spam Sent From WebMail

Fredrik Jervfors wrote: Matt wrote: On 9/7/07, Chris Hoogendyk <[EMAIL PROTECTED]> wrote: Matt wrote: Do you have any proof of a virus logging in? Couldn't it just be plain ol' keyboard logging and the the person who gets the logs (not your intended users) sends out the spam manually? It's tec

Re: [SM-USERS] Spam Sent From WebMail

> Matt wrote: >> On 9/7/07, Chris Hoogendyk <[EMAIL PROTECTED]> wrote: >>> Matt wrote: > Do you have any proof of a virus logging in? Couldn't it just be > plain ol' keyboard logging and the the person who gets the logs > (not your intended > users) sends out the spam manually? It's

Re: [SM-USERS] Spam Sent From WebMail

>> If is an exploit to squirrelmail maybe a simple renaming mailto.php >> mailtonew.php (and edit al references to mailto.php) can solve temporary >> this >> issue. > > What is this mailto.php vulnerability of which I've heard so much in > this thread? Sounds like something rather nasty. I gave

Re: [SM-USERS] Spam Sent From WebMail

> If is an exploit to squirrelmail maybe a simple renaming mailto.php > mailtonew.php (and edit al references to mailto.php) can solve temporary this > issue. What is this mailto.php vulnerability of which I've heard so much in this thread? Sounds like something rather nasty. > 2.Use the plugin

Re: [SM-USERS] Spam and Trash Folder Auto-Delete?

On 9/8/07, Clair <[EMAIL PROTECTED]> wrote: > > Hello, > > I would like to have both my TRASH folder and my SPAM folder auto-delete > messages contained in them after a certain period of time. Is there any way > to do this? Please only post once. --

Re: [SM-USERS] Spam Auto-Delete?

On 9/8/07, Clair <[EMAIL PROTECTED]> wrote: > > Hello, > > I would like to have both my TRASH folder and my SPAM folder auto-delete > messages contained in them after a certain period of time. Is there any way > to do this? As suggested, it is best to do this on the server side, not in the mail cl

Re: [SM-USERS] Spam Sent From WebMail

First: This can happen for 2 reasons: -keylogger into customer house. -Vulnerabilitys into squirrelmail. You must work to determine what is happen. If the customer have a keylogger, then the spammer have the data (password, username). And you will have the same problem with all webmail progs. Un

Re: [SM-USERS] Spam and Trash Folder Auto-Delete?

clair> I would like to have both my TRASH folder and my SPAM folder clair> auto-delete messages contained in them after a certain period clair> of time. Is there any way to do this? The "proon" plugin can do this: http://www.squirrelmail.org/plugin_view.php?id=251 --

Re: [SM-USERS] Spam Auto-Delete?

I am using a program called MailScanner and MailWatch in conjunction with Squirrelmail to accomplish this. It works good and I believe both are open source. There are settings in MailScanner that will automatically drop spam if it hits a certain score hope this helps mike Clair wrote: > > Hello,

[SM-USERS] Spam Auto-Delete?

Hello, I would like to have both my TRASH folder and my SPAM folder auto-delete messages contained in them after a certain period of time. Is there any way to do this? Thanks, Clair -- View this message in context: http://www.nabble.com/Spam-Auto-Delete--tf4403366.html#a12561926 Sent from the

Re: [SM-USERS] Spam Sent From WebMail

El Viernes, 7 de Septiembre de 2007 21:57, Paul Lesniewski escribió: > On 9/7/07, Christian Schmitz <[EMAIL PROTECTED]> wrote: > > First: > > This can happen for 2 reasons: > > Many more than that. > > > -keylogger into customer house. > > -Vulnerabilitys into squirrelmail. > > - Non-SSL-encrypted

Re: [SM-USERS] Spam Sent From WebMail

On 9/7/07, Christian Schmitz <[EMAIL PROTECTED]> wrote: > First: > This can happen for 2 reasons: Many more than that. > -keylogger into customer house. > -Vulnerabilitys into squirrelmail. - Non-SSL-encrypted logins sniffed - Vuln that sniffs login info stored in browser - User mistakes like no

Re: [SM-USERS] Spam Sent From WebMail

First: This can happen for 2 reasons: -keylogger into customer house. -Vulnerabilitys into squirrelmail. You must work to determine what is happen. If the customer have a keylogger, then the spammer have the data (password, username). And you will have the same problem with all webmails progs. U

Re: [SM-USERS] Spam Sent From WebMail

Matt wrote: >> Do you have any proof of a virus logging in? Couldn't it just be plain ol' >> keyboard logging and the the person who gets the logs (not your intended >> users) sends out the spam manually? It's technically possible to write a >> program that logs in automatically, using any kind o

Re: [SM-USERS] Spam Sent From WebMail

Matt wrote: > On 9/7/07, Chris Hoogendyk <[EMAIL PROTECTED]> wrote: > >> Matt wrote: >> Do you have any proof of a virus logging in? Couldn't it just be plain ol' keyboard logging and the the person who gets the logs (not your intended users) sends out the spam manually? It

Re: [SM-USERS] Spam Sent From WebMail

On 9/7/07, Chris Hoogendyk <[EMAIL PROTECTED]> wrote: > > > Matt wrote: > >> Do you have any proof of a virus logging in? Couldn't it just be plain ol' > >> keyboard logging and the the person who gets the logs (not your intended > >> users) sends out the spam manually? It's technically possible to

Re: [SM-USERS] Spam Sent From WebMail

> Do you have any proof of a virus logging in? Couldn't it just be plain ol' > keyboard logging and the the person who gets the logs (not your intended > users) sends out the spam manually? It's technically possible to write a > program that logs in automatically, using any kind of mail interface -

Re: [SM-USERS] Spam Sent From WebMail

>> or turn off login_auto functionality and block all requests to >> src/mailto.php. > > src/mailto.php doesn't exist. "src/mailto.php" is part of SquirrelMail since 1.4.5 and 1.5.0. The OP is using 1.4.4. Sincerely, Fredrik --

Re: [SM-USERS] Spam Sent From WebMail

>> or turn off login_auto functionality and block all requests to >> src/mailto.php. > > src/mailto.php doesn't exist. > > However, again we are chasing the straw man (is that the right term to > use here?). I'm being told to upgrade because of security, etc, etc > yet that's not the issue..

Re: [SM-USERS] Spam Sent From WebMail

> > > That has the > > potential to make people very very upset... and is what gives alot of > > the Linux community a bad name. > > http://catb.org/~esr/faqs/smart-questions.html#keepcool Ok.. that's fine.. as long as that's what you are operating under.. I have no issues with that :) --

Re: [SM-USERS] Spam Sent From WebMail

>> If you use SquirrelMail 1.4.4 and turned off email modifications in >> SquirrelMail configuration, you haven't disabled it. > > Why do you keep saying that? I've turned it off, and if I go into > the settings... I definitely can not change the setting... how do you > propose someone would chan

Re: [SM-USERS] Spam Sent From WebMail

On 9/6/07, Matt <[EMAIL PROTECTED]> wrote: > I'm not doubting that what Paul is suggesting, I'm trying to > understand a little better. > > Also, just as an FYI, Paul when someone top posts or bottom posts > or does anything else that isn't set in stone or law... it's probably > better to just

Re: [SM-USERS] Spam Sent From WebMail

I'm not doubting that what Paul is suggesting, I'm trying to understand a little better. Also, just as an FYI, Paul when someone top posts or bottom posts or does anything else that isn't set in stone or law... it's probably better to just let it go rather than go off about it. That has the

Re: [SM-USERS] Spam Sent From WebMail

> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Matt > Sent: Thursday, September 06, 2007 3:06 PM > Cc: squirrelmail-users@lists.sourceforge.net > Subject: Re: [SM-USERS] Spam Sent From WebMail > > > If you use Squ

Re: [SM-USERS] Spam Sent From WebMail

> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Matt > Sent: Thursday, September 06, 2007 3:10 PM > Cc: squirrelmail-users@lists.sourceforge.net > Subject: Re: [SM-USERS] Spam Sent From WebMail > > > or turn of

Re: [SM-USERS] Spam Sent From WebMail

Removing thread context is not helpful. > > or turn off login_auto functionality and block all requests to > > src/mailto.php. > > src/mailto.php doesn't exist. > > However, again we are chasing the straw man (is that the right term to > use here?). I'm being told to upgrade because of security,

Re: [SM-USERS] Spam Sent From WebMail

> or turn off login_auto functionality and block all requests to > src/mailto.php. src/mailto.php doesn't exist. However, again we are chasing the straw man (is that the right term to use here?). I'm being told to upgrade because of security, etc, etc yet that's not the issue.. the issue i

Re: [SM-USERS] Spam Sent From WebMail

> "not upgraded due to various themes". If you haven't modified SquirrelMail > scripts, upgrade path is simple. You just have to fix login page and > reapply msg flags patches. I'll try.. but I'm pretty sure our theme breaks when we try to upgrade.. I know it definitely broke when we tried it on o

Re: [SM-USERS] Spam Sent From WebMail

> If you use SquirrelMail 1.4.4 and turned off email modifications in > SquirrelMail configuration, you haven't disabled it. Why do you keep saying that? I've turned it off, and if I go into the settings... I definitely can not change the setting... how do you propose someone would change it? -

Re: [SM-USERS] Spam Sent From WebMail

> >> Please provide more information about your setup. > >> 1. SquirrelMail version > > > > 1.4.4 (have not upgraded due to various themes, etc we have installed) > > please upgrade. http://www.squirrelmail.org/security/. > > or turn off login_auto functionality and block all requests to > src/mail

Re: [SM-USERS] Spam Sent From WebMail

>> Please provide more information about your setup. >> 1. SquirrelMail version > > 1.4.4 (have not upgraded due to various themes, etc we have installed) please upgrade. http://www.squirrelmail.org/security/. or turn off login_auto functionality and block all requests to src/mailto.php. > >> 2.

  1   2   3   >