On Sun, 17 Feb 2013, Jeroen van Meeuwen (Kolab Systems) wrote:
On 2013-02-14 06:52, David Carter wrote:
Good morning,
I'm a Roundcube newbie who is currently working on some minor plugins to adapt Roundcube to our needs.
One of our requirements is the ability to disable outgoing mail on accounts compromised by spammers after someone falls for a phishing spam.
Would you not rather achieve this on the MTA level? A quick example:
We do that as well.
However compromised Webmail sessions are particularly easy to spot given the unusual browsers Nigerian spammers tend to use. Disabling outgoing email there after a couple of dozen recipients saves a lot of pain.