Re: [IMail Forum] Webmail spammer - possible webmail breach?

Wed, 20 Aug 2008 19:43:05 -0700 

I am not running the latest.

I am running 8.22 using the Imail webmail server.
I do not remember seeing anything about any problems with the webmail and security. 


I agree with you regarding the security implementation you describe. I 
remember this being an issue but thought Ipswitch realized its mistake 
and corrected that?


Thank you for your answer.
Its not much response to anything on this list anymore.
Pretty much dead.



Bruce Barnes wrote:

This may be cause by the fact that the webmail interface is running with
permissions it should not have.

In the most recent versions of Imail, the entire interface is web driven and
requires ADMINISTRATIVE permissions to run.  While that does not open the
doors to spammers, it gives the program entirely TOO MUCH AUTHORITY over the
machine and places the program into a position where a hacker who knows the
operating system, in this case Windows, can hack the interface, via the web
browser, and gain total control over a server - gaining everyone's e-mail

address and password . . . 


 . . . this places the product in direct violation of generally accepted
standards with regard to network security . . .

 . . . and that's exactly why we HAVE NOT adopted the newest version of the
product or renewed our service agreement.

Bruce Barnes
ChicagoNetTech Inc


 


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Heimir Eidskrem
Sent: Wednesday, August 20, 2008 17:05
To: [email protected]
Subject: [IMail Forum] Webmail spammer - possible webmail breach?

We had some one send tons of spam mail from the web interface.
Using Imail version 8.22

Is there any known hacks or problems with the webmail?
I see that they updated the user name and reply address.


I see this in the w2 log files.

20080820 080500 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080500 Request processed with no referer and user agent 
80.78.18.19.
20080820 080509 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080509 Request processed with no referer and user agent 
80.78.18.19.
20080820 080510 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080510 Request processed with no referer and user agent 
80.78.18.19.
20080820 080514 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080514 Request processed with no referer and user agent 
80.78.18.19.
20080820 080517 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080517 Request processed with no referer and user agent 
80.78.18.19.
20080820 080525 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080525 Request processed with no referer and user agent 
80.78.18.19.
20080820 080529 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080529 Request processed with no referer and user agent 
80.78.18.19.
20080820 080534 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080534 Request processed with no referer and user agent 
80.78.18.19.
20080820 080540 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080540 Request processed with no referer and user agent 
80.78.18.19.
20080820 080545 Info - 80.78.18.19 Mozilla/4.0 (compatible; MSIE 6.0; 
Windows NT 5.1; SV1)  GET 
/X5e989f9ac89ace9899cefae4b8b9/newmsg.39363.cgi?uid=bpatrick HTTP/1.1.
20080820 080545 Request processed with no referer and user agent 
80.78.18.19.






To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html


To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html



  



To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html






















					Reply via email to