Quoting Paul Stewart <p...@paulstewart.org>:

Hi there.

New to the list and apologize in advance if this is something I missed when
hunting around.  We do quite a bit of webhosting and run the Plesk platform
which in turn runs the IMP webmail system.

We're having a problem where on a very busy server one of the accounts for a
customer domain has been "hijacked".  Someone has gotten their username and
password.

The problem is that tailing the maillog is nearly impossible and if I tail
the access_log it shows the accesses and the remote IP address (somewhere in
Europe).  Neither of these shows us the user account in use. The header of
the actual message doesn't include the username hidden anywhere either.

Is there an easy way to track down the account in question?

In recent versions IMP (4.2) is able to log the account and recipient
addresses. You can also limit the number of recipients per mail and
time to limit the abuse.

--------------------------------------------------------------------------------
M.Menge                                Tel.: (49) 7071/29-70316
Universität Tübingen                   Fax.: (49) 7071/29-5912
Zentrum für Datenverarbeitung          mail: michael.me...@zdv.uni-tuebingen.de
Wächterstraße 76
72074 Tübingen
