I had the same situation several times... The problem was in the weak passwords where the username and the password was the same or almost the same.
Later I made a small changes in the password policy so the stupid users can't choose weak passwords (8chr min, at least one uppercase, one lowercase, one number)....
On 04/21/2011 02:29 PM, Jim Pazarena wrote:
On 2011-04-20 1:03 PM, Arthur Titeica wrote:
On Thu, 17 Mar 2011 14:53:00 -0700, Jim Pazarena wrote:
I recently discovered a hacker (IP: 41.211.223.83) ALL SHOULD BLACKLIST who signed on to my roundcube system with login credentials of a legitimate user, and used roundcube to send out 82 emails (junk "I have a proposal for you") to hundreds of recipients EACH.
comments please!
What roundcube version you have?
this was 0.5
I recently upgraded to 0.5.1
Incidentally, I found a SECOND roundcube 'hack'. Hundreds more spam sent out thru roundcube.
What concerns me is that the attack seemed automated in that the number of emails in the short time spam could not have been injected manually. Suggesting a bot of some sort automatically inserting the spam thru the web interface.