--
--
--
Rafael Mahecha
E-mail Administrator
Office of Information Management
Jackson State University
JSU e-Center
1230 Raymond Road
Jackson, MS 39204
[EMAIL PROTECTED]
(601)-979-1783
http://www.jsums.edu
On Thu, December 13, 2007 9:23 pm, Paul Lesniewski wrote:
> On
Dec 11, 2007 10:51 PM, Rafael Mahecha <[EMAIL PROTECTED]> wrote:
>> I guess I'll start with a short greeting to all out there...
and just so
>> you
>> know, this is my first
post.
>>
>> As a background info, here is my
configtest.php
>>
>>
>>
>>
>>
>> SquirrelMail configtest
>>
>> This script will try to check some aspects of your
SquirrelMail
>> configuration and point you to errors whereever
it can find them. You
>> need
>> to go run conf.pl
in the config/ directory first before you run this
>>
script.
>>
>>
>> SquirrelMail version:
1.4.8-4.0.1.el4.centos
>> Config file version: 1.4.0
>> Config file last modified: 11 December 2007 23:50:48 Checking
PHP
>> configuration...
>> PHP version 4.3.9
OK.
>> PHP extensions OK.
>> Checking
paths...
>> Data dir OK.
>> Attachment dir
OK.
>>
>>
>> ERROR: You have enabled
the msg_flags plugin but I cannot read its
>> setup.php file.
Plugins OK.
>> Themes OK.
>> Default
language OK.
>> Base URL detected as:
https://webmail.jsums.edu/webmail/src
>> (location
>> base autodetected)
>> Checking outgoing mail
service....
>> SMTP server OK (220 ccaix.jsums.edu ESMTP
Sendmail 8.13.1/8.13.1;
>> Wed,
>> 12 Dec 2007
00:24:39 -0600)
>> Checking IMAP service....
>>
IMAP server ready (* OK ccaix.jsums.edu Cyrus IMAP4
>>
v2.2.12-Invoca-RPM-2.2.12-8.1.RHEL4 server ready)
>>
Capabilities: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+
>> MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME
UNSELECT
>> CHILDREN
>> MULTIAPPEND BINARY SORT
THREAD=ORDEREDSUBJECT THREAD=REFERENCES
>> ANNOTATEMORE
>> IDLE AUTH=PLAIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
>> Checking internationalization (i18n) settings...
>>
gettext - Gettext functions are available. You must have
>>
appropriate
>> system locales compiled.
>>
mbstring - Mbstring functions are available.
>> recode -
Recode functions are unavailable.
>> iconv - Iconv
functions are available.
>> timezone - Webmail users can
change their time zone settings.
>> Checking database
functions...
>> not using database functionality.
>>
>>
>> Congratulations, your SquirrelMail
setup looks fine to me!
>>
>> Login now
>>
>>
>> Now the problem... we've been using
sm for about a year, with good
>> results... this morning I was
called to help a user how claimed that the
>> emails that she
was sending were being delivered as a coming from a
>>
different user; she was running ie 6 (I think), and she was the only
>> person
>> using her computer (so that rules out some
one else using it and letting
>> ie
>> save their
username and passwords to login to sm).
>>
>> In
general our sm talkes to our cyrus server... all sm settings are
>> stored
>> in the sm server and all other mailbox
info in the cyrus server...
>>
>> When I checked the
destination mailbox for that mail that was sent from
>> her
>> account; the message headers did not show her username at all;
they were
>> showing that the message came from a whole
different user (evethough she
>> typed in her correct username
and password at the login screen).
>
> You probably mean
the
From: header had an email address that did not
> belong
to her....?? You need to be SPECIFIC about WHAT *EXACTLY* you
>
checked and WHAT *EXACTLY* did not match or we cannot accurately help
> you.
>
I mean every header (not just the FROM,
etc.) in that email has a different username than the one that logged
in... then when I tested myself, I user the user's username and password
and it logged in as a complete different user (different from the username
and password that i typed and different from the one that was noted when
the user realized that something was wrong.
>> When I
tried to send from her account, the composed window showed a
>>
signature information that did not belong to her; and this was not even
>> the
>> same account that prompted the support call;
is was like the sm was
>> taking
>> her username and
just opening random preferences files... what is odd is
>> that
the cyrus server shows now record of those mails being sent from
>> her
>> account... log files say [squirrelmail
authenticated user joe.doe] where
>> her
>> username
was mary.smith, for example.
>>
>> I was not able to
replicate this behavior a 3rd time, and it only seemed
>> to
>> be on her laptop.... I have not gotten any other reports of
such
>> symptoms...
>>
>> Under what
conditions will squirrelmail take a username and password,
>>
and
>> pass them to a cyrus server as complete different
username and password
>> sets... and they are correct sine the
cyrus server took them....
>
> It is not clear to me what
you are looking at, but my guess is that
> the user's preferences
have been changed/compromised, and that this
> has nothing to do
with the account username and password. If the user
> can log in
on the login screen with her username and password, then
> the
IMAP server is not involved and the problem is simply that the
>
preferences have been changed. This can happen by way of a known
> issue in SM where preferences can be replaced by other users who
log
> in to the same SqurirelMail installation on a computer where
another
> user on the same SquirrelMail server was already logged
in. The
> solution in this case is to manually reset the user's
preferences (by
> deleting the preference file or asking the user
to change them in the
> personal options page) and to make it
clear to all users that they
> should LOG OUT before anyone else
logs in to SquirrelMail from the
> same computer.
>
The user was working on a laptop that was assigned to her... she
said that noone else has used that laptop... even if internet explorer was
having a bug (remembering cookies or something like that), somehow it
transformed her username and password into someone else's...
When I tested it, I closed her explorer and reopened it, typed her
username and password and it let me login with those credentials, but it
took me to a different user's prefs... even the signature that you append
to the end of the messages was not hers... of course, it was that from the
other/wrong user...
> If the user's account password was
somehow compromised, that has
> nothing to do with software and
everything to do with password
> strength and/or personal computer
security. Having the user change
> her password to something new
and secure is a good idea in this case.
>
>> Any help
is much needed and appreciated.
>>
>> Thanks in
advenced and sorry for the log post... but I think it is
>>
necessary
>>
>>
>
-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [email protected]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options):
https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
