Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam.
The MX is 193.196.129.3
So far I received about 7.000 returned mail bounces from our system and
all reported messages do have User-Agent: Internet
Citeren Götz Reinicke - IT-Koordinator goetz.reini...@filmakademie.de:
My questions:
What is the best way to find the leak? What may I configure in
horde/imp/apache/php ... to make it harder to be compromised?
If you're using SMTP AUTH for sending mail, the mailserver might have
logged the
How may I limit the number of messages a user may send? :-)
for example google 'policyd'
--
IMP mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: imp-unsubscr...@lists.horde.org
Am 23.05.11 10:30, schrieb azurIt:
How may I limit the number of messages a user may send? :-)
for example google 'policyd'
not for sendmail as far as I know.
/Götz
--
Götz Reinicke
IT-Koordinator
Tel. +49 7141 969 420
Fax +49 7141 969 55 420
E-Mail
uuhm, sendmail users still exists ? ;)
__
Od: Götz Reinicke - IT-Koordinator
Komu: imp@lists.horde.org
Dátum: 23.05.2011 10:36
Predmet: Re: [imp] May be our horde installation was used for spam
Am 23.05.11 10:30, schrieb
Hi,
Thanks everyone, your answers helped me a lot. I activated the maillog and
the message appears, but still without confirmation to the sender.
Can you keep helping me?
Regards
El 19 de mayo de 2011 18:28, Miguel Ángel García Jiménez
mangel.garci...@gmail.com escribió:
Hi,
Thanks for
Am 20:59, schrieb Götz Reinicke - IT-Koordinator:
Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam.
The MX is 193.196.129.3
It's not widely listed at
Hi,
I have two problems with the new version of imp:
1) When I select some messages to delete themand then I press the delete
button imp shows me them all correctly set as deleted with a line above
the message, but when I click on remove deleted messages not removed
them from the folder view.
2) When I reply to an email, with some senders that happens over email
sender in the To: field is also set my email so I get a copy of the email.
The strange thing is that does not happen with all email, and it happens
with all email accounts on the server.
Add all of your aliasses
Sorry, not 'From' header but 'To' header.
__
Od: azurIt
Komu:
Dátum: 23.05.2011 12:19
Predmet: Re: [imp] strange problems with imp ver 5.0.3
This happens when you receive e-mail to address which is not your main address (the
Zitat von Janis Eisaks j...@ktf.rtu.lv:
Hi!
two remaining questions:
1. how can i migrate user's data (adress books, identities, tasks,
filters etc) from webmail 1.2.9 to Horde4;
http://www.horde.org/apps/horde/docs/UPGRADING
2. what can be done to display folder list in alphabetical
My email is xx...@digicolor.net and this is some of the email header :
Message-ID:4dda145d.3070...@boldrinispa.com
Disposition-Notification-To: y...@boldrinispa.comy...@boldrinispa.com
Date: Mon, 23 May 2011 10:01:33 +0200
From:
Ok, adesso ho capito , infatti funziona.
Non e' che sai dirmi anche il perchè del primo problema ? :-))
Many thanks.
Il 23/05/2011 12:32, azurIt ha scritto:
Just add xx...@digicolor.net to your aliasses as i said before ;)
__
Od:
Hi,
apache 2.2.16
php 5.3.3 *with suhosin*
horde 4.0.3
imp 5.0.3
In my syslog, I have a lot of this message:
suhosin[2446]: ALERT - ASCII-NUL chars not allowed within request
variables - dropped variable 'view' (attacker 'XXX.XXX.XXX.XXX', file
'.../services/ajax.php')
And the search in dimp
Apologies for top posting..
No wonder you have an issue. Install postfix asap and replace sendmail. This
is more secure and less complex (and it sounds like you don't need complex).
In the meantime take that box offline until you establish of it's the server or
a compromised user account.
Quoting Jan Schneider j...@horde.org:
2. what can be done to display folder list in alphabetical order
for selected language - for example letter č in Latvian follows
c, not z
Horde 1.0.8 places national letters before A, 1.2.9 and Horde4/IMP5
- after Z
We use strnatcasecmp and
Quoting Simon Brereton simon.brere...@dada.net:
Apologies for top posting..
No wonder you have an issue. Install postfix asap and replace
sendmail. This is more secure and less complex (and it sounds like
you don't need complex).
actually, if one goes to make a secure server, it is not
Quoting Olivier oliv...@ablinux.com:
Hi,
apache 2.2.16
php 5.3.3 *with suhosin*
horde 4.0.3
imp 5.0.3
In my syslog, I have a lot of this message:
suhosin[2446]: ALERT - ASCII-NUL chars not allowed within request
variables - dropped variable 'view' (attacker 'XXX.XXX.XXX.XXX',
file
* G?tz Reinicke - IT-Koordinator goetz.reini...@filmakademie.de [2011-05-23
04:30]:
hmmm... do you have any hint for me gow to find the userid?
We use the method described here:
http://www.mail-archive.com/imp@lists.horde.org/msg04736.html
How may I limit the number of messages a user
My questions:
What is the best way to find the leak? What may I configure in
horde/imp/apache/php ... to make it harder to be compromised?
There are many phishing mails which target webmail accounts.
IMHO this is the most comon case for abuse of imp and other webmail
software
IMP has some
Quoting Olivier oliv...@ablinux.com:
suhosin[2446]: ALERT - ASCII-NUL chars not allowed within request
variables - dropped variable 'view' (attacker 'XXX.XXX.XXX.XXX',
file '.../services/ajax.php')
Still waiting for someone to tell me how a NULL character, by itself,
is a security
On Mon, 23 May 2011, Götz Reinicke - IT-Koordinator wrote:
Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam.
The MX is 193.196.129.3
So far I received about 7.000 returned mail bounces from our
Quoting Andrew Morgan mor...@orst.edu:
On Mon, 23 May 2011, Götz Reinicke - IT-Koordinator wrote:
Hi,
since saturday we got about 40 reports from spamcom.net and other
mailserver providers, that 'we' are sending or are used for sending spam
--
IMP mailing list
Frequently Asked Questions:
Quoting Rick Romero r...@havokmon.com:
Quoting Michael M Slusarz slus...@horde.org:
Quoting Olivier oliv...@ablinux.com:
suhosin[2446]: ALERT - ASCII-NUL chars not allowed within request
variables - dropped variable 'view' (attacker 'XXX.XXX.XXX.XXX',
file '.../services/ajax.php')
this can be disabled in suhosin:
http://www.hardened-php.net/suhosin/configuration.html#suhosin.post.disallow_nul
__
Od: Michael M Slusarz
Komu: imp@lists.horde.org
Dátum: 23.05.2011 21:00
Predmet: Re: [imp] BUG: php 5 suhosin
Yes, but is this the only edge effect of suhosin ?
Olivier
Le 23/05/2011 21:04, azurIt a écrit :
this can be disabled in suhosin:
http://www.hardened-php.net/suhosin/configuration.html#suhosin.post.disallow_nul
__
Od: Michael M
Almost everything (or maybe everything) in suhosin can be disabled. I believe
it is possible to tune it so Horde will work ok.
__
Od: Olivier
Komu: imp@lists.horde.org
Dátum: 23.05.2011 21:21
Predmet: Re: [imp] BUG: php 5
Quoting Olivier oliv...@ablinux.com:
Yes, but is this the only edge effect of suhosin ?
Olivier
IMHO, suhosin is looking for things that PROBABLY shouldn't be
happening. For the most part there won't be any issues, but the only
way to guarantee the app works perfectly is to not
Quoting Rick Romero r...@havokmon.com:
Actually, I run suhosin on FreeBSD 7.2-stable and haven't run into
any issues.
PHP 5.2.14 with Suhosin-Patch 0.9.7 (cli) (built: Aug 29 2010 20:06:55)
The patch has been reported to work fine - apparently, it doesn't much
with Zend internals.
But
Hi!
I noticed that during install the Horde PDF library is installed along
others - where (and how) it is used?
Janis
--
IMP mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: imp-unsubscr...@lists.horde.org
30 matches
Mail list logo