« Return to Thread: squirrelmail usado para enviar spam?
squirrelmail usado para enviar spam?
by clau_bolson
::
Rate this Message:
Hola, soy nueva en la lista.
Estoy teniendo un problema en nuestro mailserver.
Utilizo SquirrelMail desde hace 4 años, sin ningún problema.
Ahora aparentemente SquirrelMail está siendo usado para enviar spam.
Estos son los encabezados de uno de esos mails:
------------------------------------------------------------------------------------------------------------------------------------------
encoding=8bit
client_name=localhost.localdomain
client_address=127.0.0.1
message_origin=localhost.localdomain[127.0.0.1]
helo_name=localhost
protocol_name=ESMTP
sly_ogbes@... (siguen destinatarios)
Received: from localhost (localhost.localdomain [127.0.0.1])
by mail.servidor.com (Postfix) with ESMTP id DAD4835E21D;
& Sun, 8 Jul 2007 19:15:52 -0300 (ART).
Received: from mail.servidor.com ([127.0.0.1])
by localhost (mail.servidor.com [127.0.0.1]) (amavisd-new, port10024)
> with ESMTP id 17023-11; Sun, 8 Jul 2007 19:15:52 -0300 (ART)
Received: from webmail.servidor.com (localhost.localdomain [127.0.0.1])
by mail.servidor.com (Postfix) with ESMTP id E29DC35E1FA;N& Sun, 8
Jul 2007 19:15:50 -0300 (ART)
Received: from 208.109.82.194 (SquirrelMail authenticated user
juan3458) by webmail.servidor.com with HTTP Sun, 8 Jul 2007
19:15:51 -0300 (ART)
Message-ID: <55568.208.109.82.194.1183932951.squirrel@...>
Date: Sun, 8 Jul 2007 19:15:51 -0300 (ART)
Subject: Re: Investment with S. L. International!
From: "Standard Life International" <stlinternational@...>
Reply-To: stlinternational@...
User-Agent: SquirrelMail/1.4.10a
MIME-Version: 1.0N+Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
To: undisclosed-recipients:;
X-Virus-Scanned: amavisd-new at servidor.com
---------------------------------------------------------------------------------------------------------------------------------------------------
juan3458 es un usuario nuestro, su dirección IP no es 208.109.82.194
Le pedí que escaneara su disco en busca de virus o troyanos, no encontró
nada.
Un ngrep al servidor durante el momento del ataque muestra tráfico desde
208.109.82.194 a nuestro puerto 80.
La versión de squirrelmail es la última.
Alguna idea?
Gracias
Claudia Burman
El Bolsón - Patagonia Argentina
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
--
squirrelmail-lang-es mailing list
List Address: squirrelmail-lang-es@...
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-lang-es
http://squirrelmail.org/cvs
Estoy teniendo un problema en nuestro mailserver.
Utilizo SquirrelMail desde hace 4 años, sin ningún problema.
Ahora aparentemente SquirrelMail está siendo usado para enviar spam.
Estos son los encabezados de uno de esos mails:
------------------------------------------------------------------------------------------------------------------------------------------
encoding=8bit
client_name=localhost.localdomain
client_address=127.0.0.1
message_origin=localhost.localdomain[127.0.0.1]
helo_name=localhost
protocol_name=ESMTP
sly_ogbes@... (siguen destinatarios)
Received: from localhost (localhost.localdomain [127.0.0.1])
by mail.servidor.com (Postfix) with ESMTP id DAD4835E21D;
& Sun, 8 Jul 2007 19:15:52 -0300 (ART).
Received: from mail.servidor.com ([127.0.0.1])
by localhost (mail.servidor.com [127.0.0.1]) (amavisd-new, port10024)
> with ESMTP id 17023-11; Sun, 8 Jul 2007 19:15:52 -0300 (ART)
Received: from webmail.servidor.com (localhost.localdomain [127.0.0.1])
by mail.servidor.com (Postfix) with ESMTP id E29DC35E1FA;N& Sun, 8
Jul 2007 19:15:50 -0300 (ART)
Received: from 208.109.82.194 (SquirrelMail authenticated user
juan3458) by webmail.servidor.com with HTTP Sun, 8 Jul 2007
19:15:51 -0300 (ART)
Message-ID: <55568.208.109.82.194.1183932951.squirrel@...>
Date: Sun, 8 Jul 2007 19:15:51 -0300 (ART)
Subject: Re: Investment with S. L. International!
From: "Standard Life International" <stlinternational@...>
Reply-To: stlinternational@...
User-Agent: SquirrelMail/1.4.10a
MIME-Version: 1.0N+Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
To: undisclosed-recipients:;
X-Virus-Scanned: amavisd-new at servidor.com
---------------------------------------------------------------------------------------------------------------------------------------------------
juan3458 es un usuario nuestro, su dirección IP no es 208.109.82.194
Le pedí que escaneara su disco en busca de virus o troyanos, no encontró
nada.
Un ngrep al servidor durante el momento del ataque muestra tráfico desde
208.109.82.194 a nuestro puerto 80.
La versión de squirrelmail es la última.
Alguna idea?
Gracias
Claudia Burman
El Bolsón - Patagonia Argentina
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
--
squirrelmail-lang-es mailing list
List Address: squirrelmail-lang-es@...
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-lang-es
http://squirrelmail.org/cvs
« Return to Thread: squirrelmail usado para enviar spam?
| Free embeddable forum powered by Nabble | Forum Help |
