The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Roundcube hacked for phishing?

Discussion in 'E-mail Discussions' started by wzd, Jan 27, 2010.

  1. wzd

    wzd Well-Known Member

    Dec 16, 2005
    Likes Received:
    Trophy Points:
    South Africa
    cPanel Access Level:
    Root Administrator
    Hi All,

    I've been noticing that for the past few days we've been getting increased phishing emails from roundcube webmail clients that are being marked as clean by Mailscanner (CSF)

    The host and client claim not to be doing this. I'm not sure but does anyone know of roundcube exploits being released recently and what is cpanel doing about this seeing as now they have incorporated roundcube?

    An example is below:
    ID: 1NZnJJ-0002ou-7B

    Message Headers: Received: from ([]
    by with esmtp (Exim 4.69)
    (envelope-from <>)
    id 1NZnJJ-0002ou-7B
    for; Tue, 26 Jan 2010 17:26:33 +0200
    Received: by (Postfix, from userid 999)
    id 43DE75B6F4; Tue, 26 Jan 2010 07:26:23 -0800 (PST)
    To: undisclosed-recipients: ;
    Subject: Online Secure Update
    MIME-Version: 1.0
    Date: Tue, 26 Jan 2010 07:26:22 -0800
    From: Absa Bank <>
    Organization: Absa Bank
    Message-ID: <e1978aba6f0e185d970e3a8f6049e9a1@localhost>
    User-Agent: RoundCube Webmail/0.2-stable
    Content-Type: multipart/alternative;

Share This Page