Quoting Rodrigo Abrantes Antunes <rodrigoantu...@pelotas.ifsul.edu.br>:
Citando Rodrigo Abrantes Antunes <rodrigoantu...@pelotas.ifsul.edu.br>:
Citando Vilius Šumskas <vil...@lnk.lt>:
Citando Vilius Šumskas <vil...@lnk.lt>:
Rodrigo Abrantes Antunes <rodrigoantu...@pelotas.ifsul.edu.br> rašė:
More logs in my mail server, not the one where horde is:
Here you say that it is your mail server.
But the strange thing is how the message id is ..@myhordeserver.xxx.xxx if
it's not my mail server?
Here you say that it is NOT your mail server.
So which is it?
--
Vilius
--
imp mailing list
Frequently Asked Questions: http://wiki.horde.org/FAQTo
unsubscribe, mail: imp-unsubscr...@lists.horde.org
Those logs were in my mail server like I said. But the message id
was of the horde server, this is exactly what I found strange, how
the message id is ..@myhordeserver.xxx.xxx if it was sent by my
mail server and should be ...@mymailserver.xxx.xxx?
I thought it was strange because of this (a message id being interpreted
as an e-mail):
...GET /static/b169ed96a0dc55b4a76d1a29a1848ae3.css HTTP/1.1" 200 115911
"https://myhordeserver.xxx.xxx/imp/compose-dimp.php?to=20120917130155.horde.rgb1fev4cn9qv0lzuz0n...@myhordeserver.xxx.xxx&popup=1";
"Mozilla/5.0....
As if someone was trying to send an email to a message id. But Michael
Slusarz said this: "It looks like a Message-ID header from a message sent
by Horde/IMP is being interpreted as an e-mail address somewhere in
Horde/IMP. Looks like we are running the e-mail text search filter on the
Message-ID header when we don't need to (maybe in View All Headers in the
standard IMP view?) and a user is clicking on that.
Possible explanations:
1. The bot (or spamming) service is broken/dumb, and is trying to send
messages to a non-existent e-mail address.
2. Your compose script has been compromised and this particular To
string is used to activate the bad code in the compromised script.
michael
___________________________________
Michael Slusarz [slus...@horde.org]
--
imp mailing list
Frequently Asked Questions: http://wiki.horde.org/FAQ
To unsubscribe, mail: imp-unsubscr...@lists.horde.org
