I am using SquirrelMail version 1.4.8-21.el5.centos for webmail and one of my users when trying to send email via webmail it does not send using his real account but instead the is what his recipients will receive in their inbox;
Email address: Mrs.Lola Sanchez <info@Lola.com> Message body: Dear Respected I am Mrs.Lola Sanchez,manager bills and exchange at the foreign remittance department of La_caixa bank Madrid.I have a business suggestion for you.It involve the transfer of($ 15.2 million US Dollar).if interested please reach me on(mrslolasan003@qq.com) with more details of this operation. Kind Regards, Mrs Lola Sanchez. However this does not happen when he is using Microsoft Outlook |
Le 09/01/2016 06:39, amutoti a écrit :
> I am using SquirrelMail version 1.4.8-21.el5.centos for webmail and one of my > users when trying to send email via webmail it does not send using his real > account but instead the is what his recipients will receive in their inbox; > > > Email address: Mrs.Lola Sanchez <[hidden email]> > > > Message body: > > > Dear Respected > > > I am Mrs.Lola Sanchez,manager bills and exchange at the foreign remittance > department of La_caixa bank Madrid.I have a business suggestion for you.It > involve the transfer of($ 15.2 million US Dollar).if interested please reach > me on([hidden email]) with more details of this operation. > Kind Regards, > > > Mrs Lola Sanchez. > > > However this does not happen when he is using Microsoft Outlook > > > > > -- > View this message in context: http://squirrelmail.5843.n7.nabble.com/Squirrellmail-user-account-compromised-tp26228.html > Sent from the squirrelmail-users mailing list archive at Nabble.com. > > ------------------------------------------------------------------------------ > Site24x7 APM Insight: Get Deep Visibility into Application Performance > APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month > Monitor end-to-end web transactions and take corrective actions now > Troubleshoot faster and improve end-user experience. Signup Now! > http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 > ----- > squirrelmail-users mailing list > Posting guidelines: http://squirrelmail.org/postingguidelines > List address: [hidden email] > List archives: http://news.gmane.org/gmane.mail.squirrelmail.user > List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users > Hi, You need to find where the malware is operating. Here are a few stuff to verify (without any order): - Is the end user's computer clean? - Try to send out a message from another account, and from another client computer; - (In case of Windows client) Reset the user's Windows profile; - Don't you have a malicious SM plugin installed? - Was your SM installation altered by a malware? Check files timestamps and/or md5 sums. - Install a new SM instance and ask the user to use it. - (In case of Unix authentication) Is the user's Unix account healthy? Regards, Julien ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140 ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: [hidden email] List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users |
Free forum by Nabble | Edit this page |