I recently discovered a hacker (IP: 41.211.223.83) ALL SHOULD BLACKLIST who signed on to my roundcube system with login credentials of a legitimate user, and used roundcube to send out 82 emails (junk "I have a proposal for you") to hundreds of recipients EACH.
Spamming thousands of people!
I enforce SSL connectivity.
This felon logged in twice, @13:49 and 15:31. But without a log OUT time, I can't tell if this felon sat there cutting and pasting, or if was an automated attack.
Question: are there BOTS which can do this automatically?
This has me furious, and wonder just how anal I have to get checking roundcube logins?
List info: http://lists.roundcube.net/users/ BT/9b404e9e