This may be cause by the fact that the webmail interface is running with permissions it should not have.
In the most recent versions of Imail, the entire interface is web driven and requires ADMINISTRATIVE permissions to run. While that does not open the doors to spammers, it gives the program entirely TOO MUCH AUTHORITY over the machine and places the program into a position where a hacker who knows the operating system, in this case Windows, can hack the interface, via the web browser, and gain total control over a server - gaining everyone's e-mail address and password . . . . . . this places the product in direct violation of generally accepted standards with regard to network security . . . . . . and that's exactly why we HAVE NOT adopted the newest version of the product or renewed our service agreement. Bruce Barnes ChicagoNetTech Inc -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Heimir Eidskrem Sent: Wednesday, August 20, 2008 17:05 To: [email protected] Subject: [IMail Forum] Webmail spammer - possible webmail breach? We had some one send tons of spam mail from the web interface. Using Imail version 8.22 Is there any known hacks or problems with the webmail? I see that they updated the user name and reply address. I see this in the w2 log files. 20080820 080500 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080500 Request processed with no referer and user agent 80.78.18.19. 20080820 080509 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080509 Request processed with no referer and user agent 80.78.18.19. 20080820 080510 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080510 Request processed with no referer and user agent 80.78.18.19. 20080820 080514 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080514 Request processed with no referer and user agent 80.78.18.19. 20080820 080517 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080517 Request processed with no referer and user agent 80.78.18.19. 20080820 080525 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080525 Request processed with no referer and user agent 80.78.18.19. 20080820 080529 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080529 Request processed with no referer and user agent 80.78.18.19. 20080820 080534 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080534 Request processed with no referer and user agent 80.78.18.19. 20080820 080540 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080540 Request processed with no referer and user agent 80.78.18.19. 20080820 080545 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) GET /X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1. 20080820 080545 Request processed with no referer and user agent 80.78.18.19. To Unsubscribe: http://imailserver.com/support/discussion_list/ List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://imailserver.com/support/kb.html To Unsubscribe: http://imailserver.com/support/discussion_list/ List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://imailserver.com/support/kb.html
