> With all the different webmail systems, it seems unlikely to me (though I > definitely wouldn't say impossible) that bots are spamming through your > webmail (unless you work for gmail, hotmail, etc. and are an attractive > enough target that it made sense to code a bot to automate utilizing your > webmail interface). Bots being used as proxies seems far more likely to me > for the general case of "bots" spamming through an ISP's webmail. >
Many providers and hosts use the same webmail packages so the work to automate is a bit lower than one might think. We have seen bots sending spam using our squirrelmail and roundcube webmail using credentials gleaned from phishing activity.
