Fri, 10 Apr 2026 16:31:15 +0000 https://bugs.horde.org/ticket/12792 Log identity Is there a way to log which identity the email account being used to send out email? Some accounts got compromised and new identities created to perform spamming. The only way to find out was from the horde_prefs table. Reading the log would be faster and more helpful. Thu, 24 Oct 2013 14:08:17 +0000 https://bugs.horde.org/ticket/12792#t81217 > Is there a way to log which identity the email account being used to > send out email? Configure your Mail Transfer Agent (MTA) to only accept messages through SMTP AUTH on port 587. Configure Horde to send messages through that port and use their credentials for SMTP AUTH. Don't allow users to setup e-mail addresses without verification that they actually have access to this account. Make sure $conf[user][verify_from_addr] is ticked in Administration->Horde->User Capabilities and Constraints. Your MTA can possibly help too here. For instance, in Postfix there is an option 'reject_sender_login_mismatch' which will prevent your users from making up sender addresses. I use the latter, which has the added benefit of being independent from Horde, so it doesn't matter how users send messages through your server. > Some accounts got compromised and new identities > created to perform spamming. Limiting the number of messages/recipients can send per hour/day would have limited the impact of compromised accounts. Configure the Administration->Permissions for IMP and cap both 'max_recipients' and 'max_timelimit' to a reasonable value. > The only way to find out was from the > horde_prefs table. Reading the log would be faster and more helpful. Sure. Thu, 24 Oct 2013 17:33:24 +0000 https://bugs.horde.org/ticket/12792#t81218 Please use the mailing list to ask for support. http://www.horde.org/mail/ contains a list of all available mailing lists. Thu, 24 Oct 2013 17:44:33 +0000 https://bugs.horde.org/ticket/12792#t81222