I run mod_security on my server and found today well over 100 calls for the Roundcube file bin/msgimport. These calls came from different IPs all over the world but pattern was the same. There would be 2 calls for /nonexistensh** and then multiple calls for bin/msgimport (with different paths) till the server blocked that IP and it would start anew from a different IP.
Personally I'm going to delete or move this file just to be safe but I thought a heads up might be appropriate here since I was unable to find anything on the forums when I ran a search.
