RE: Redirect of web link to a phishing website

 
From: "mrivner@PROTECTED mrivner@PROTECTED [Dada Mail Developers]" <dadadev@PROTECTED>
Subject: RE: Redirect of web link to a phishing website
In-Reply-To: (no subject)
Date: August 15th 2021

Thanks, my hosting company does know about it which is why they shut my websites down.  As mentioned, I looked for all redirects not in dadamail and could not find any.  I also did searches on the dadamail databases and could not find anything.  Shutting down dadamail by renaming the directory and mail.cgi to mail.xxx, eliminated the error.  Now my sites were scanned and are clean.  My website is back up but dadamail is not running.  Obviously, I would like my discussion lists active again.  I think the problem is dadamail.  Of course my hosting company was of NO help at all.  I scanned my computer and their were no viruses.  I have no idea where the error is but I will reload dadamail from a fresh install.  Any ideas how to fix this would be appreciated or how to look for these requests and block them so they are not redirected since the link as far as I know is not a normal link.

 

Michael

 

Michael H. Rivner, M.D.

Charbonnier Professor Emeritus of Neurology

Augusta University, Medical College of Georgia

Augusta, Georgia 30912

 

From: dadadev@PROTECTED <dadadev@PROTECTED>
Sent: Sunday, August 15, 2021 9:47 AM
To: Dada Mail Developers Subscriber <mrivner@PROTECTED>
Subject: RE: [dadadev] Redirect of web link to a phishing website

 

 

From: webmaster@PROTECTED

You need to report that to your hosting company. Someone did hack your site, your file space. I don’t think they necessarily hacked it through Dada Mail, though. It could have been any number of paths. Definitely report it, though.

_______________________________________________
Bruce Scherzinger, HME HOA Webmaster * webmaster@PROTECTED

 

From: mrivner@PROTECTED mrivner@PROTECTED [Dada Mail Developers]
Sent: Saturday, August 14, 2021 8:18 PM
To: Dada Mail Developers Subscriber
Subject: [dadadev] Redirect of web link to a phishing website

 

 

From: mrivner@PROTECTED

Hi,

I recently had my websites deactivated because a link on my site:

http://wbad.com/loc/list/dada/mail.cgi/r/listnm/195056493661/6b736baba9e8a49fbf129f   (I changed the name of the domain (wbad.com) and name of the main directory (loc)  and list name (listnm) ).  But as you can see it called the mail.cgi file.

It redirected to an external website

https://bitly.com/a/warning?hash=   (I removed some of this redirection)

 

Does anyone know what produced this.  Does this indicate an attack on the mail.cgi code—I am not really sure where this code is.  I looked at the mysql database and could not find this.

 

Thanks.

Michael

 

Michael H. Rivner, M.D.

Charbonnier Professor Emeritus of Neurology

Augusta University, Medical College of Georgia

Augusta, Georgia 30912

 

 

                                                           

 

 

                                                           

  • This mailing list is a public mailing list - anyone may join or leave, at any time.
  • This mailing list is a group discussion list (unmoderated)
  • Start a new thread, email: dadadev@dadamailproject.com

This mailing list is to discuss the nerdy programming development of Dada Mail -

If you are just looking for support Dada Mail, consult the message boards at:

http://dadamailproject.com/support/boards

To post to this list, send a message to:

 dadadev@dadamailproject.com

All subscribers of this list may post to the list itself.

Some on topic... topics include:

  • Positive Crits on the program (I like, "x", but, "y" needs some work - here's an idea on how to make this better...)
  • Bug/Error reports
  • Bug fixes
  • Request For Comments on any changes to the program
  • Help customizing Dada Mail for your own internal needs
  • Patches
  • Language Translations
  • Support Documentation/Doc editing, FAQ's, etc.
  • Discussion of any changes that you would like to be committed to the next version of Dada Mail -

At the moment, there aren't many people with CVS access for Dada Mail - if you would like CVS access, please first talk about the changes you propose and how it will affect the program. If the idea is sound and agreed upon, the change will be comitted. A good track record of this will allow you to have CVS access. Some reasons that patches will not be accepted is if the patch breaks compatibility with a previous version of the program, the patch is too centric to your own problem or the patch simply isn't very good.

Please, please please familiarize yourself with the documentation at:

 http://dadamailproject.com/support/documentation/

Since no one wants to answer the same question twice.

Another sneaky reason for this mailing list is to test out the discussion list capabilities of Dada Mail, since Dada Mail is used for the mailing list itself.

NOTE - because of this, there may be times that this list will be somewhat broken. Although we're not planning on breaking the program by using it, we're giving you the heads up that this may well happen anyways.

Privacy Policy:

This Privacy Policy is for this mailing list, and this mailing list only.

Email addresses collection through this mailing list are used explicitly to work within this email discussion list.

We only collect email addresses through our Closed-Loop Opt-In system.

We don't use your email address for any other purpose.

We won't be sharing your email address with any other entity.

Unsubscription can be done at any time. Please contact us at: justin@dadamailproject.com for any help regarding your subscription, including removal from the mailing list.

All mailing list messages sent from us will include a subscription removal link, which will allow you to remove yourself from this mailing list automatically, and permanently.

All consent to use your email address for any other purpose stated at the time of the mailing list subscription will also be revoked upon mailing list removal.