[RCU] spam bot using roundcube possibility

17 Mar 2011


      I recently discovered a hacker (IP: 41.211.223.83)
ALL SHOULD BLACKLIST who signed on to my roundcube system
with login credentials of a legitimate user, and used
roundcube to send out 82 emails (junk "I have a proposal for
you") to hundreds of recipients EACH.
Spamming thousands of people!
I enforce SSL connectivity.
This felon logged in twice, @13:49 and 15:31. But without a
log OUT time, I can't tell if this felon sat there cutting
and pasting, or if was an automated attack.
Question: are there BOTS which can do this automatically?
This has me furious, and wonder just how anal I have to get
checking roundcube logins?
comments please!
List info: http://lists.roundcube.net/users/
BT/9b404e9e

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[RCU] spam bot using roundcube possibility

comments please!