Hi and thanks for your suggestion! Am 23.05.11 10:04, schrieb Arjen de Korte: > Citeren Götz Reinicke - IT-Koordinator <goetz.reini...@filmakademie.de>: > >> My questions: >> >> What is the best way to find the leak? What may I configure in >> horde/imp/apache/php ... to make it harder to be compromised? > > If you're using SMTP AUTH for sending mail, the mailserver might have > logged the userid that has been used to send these messages.
hmmm... do you have any hint for me gow to find the userid? > >> This is the first time in 10 years ... so far our setup was not that bad. > > Consider the possibility that this isn't a bug in Horde, but that one of > your user accounts has been compromised. There is virtually nothing you > as an administrator can do to prevent that users are careless with their > credentials. thats true :-( I hope, that this incident will help me to tell the need of good passwords and don't belive everthing a mailsystem sends :-) > > The only thing you can do to limit the impact, is to setup quotas on the > number of messages a user can sent per hour/day/week. Since you have > received over 7000 bounces, chances are that you don't use this right > now (which is highly recommended). How may I limit the number of messages a user may send? :-) Thnaks and best regards . Götz -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reini...@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzende des Aufsichtsrats: Prof. Dr. Claudia Hübner Geschäftsführer: Prof. Thomas Schadt
smime.p7s
Description: S/MIME Cryptographic Signature
-- IMP mailing list Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail: imp-unsubscr...@lists.horde.org
