On Tue, December 18, 2007 4:39 am, Fredrik Jervfors wrote:
>>>> I guess I'll start with a short greeting to all out
there...
>>>> and just so you know, this is my first
post.
>>>>
>>>> As a background info,
here is my configtest.php
>>>>
>>>>
SquirrelMail configtest
>>>>
>>>> This
script will try to check some aspects of your SquirrelMail
>>>> configuration and point you to errors whereever it can
find them. You
>>>> need to go run conf.pl in the config/
directory first before you run
>>>> this script.
>
> [Snip]
>
>>>> Now the
problem... we've been using sm for about a year, with good
>>>> results... this morning I was called to help a user how
claimed that
>>>> the
>>>> emails that
she was sending were being delivered as a coming from a
>>>> different user; she was running ie 6 (I think), and she
was the only
>>>> person using her computer (so that
rules out some one else using it
>>>> and
>>>> letting ie save their username and passwords to login
to sm).
>>>>
>>>> In general our sm
talkes to our cyrus server... all sm settings are
>>>>
stored in the sm server and all other mailbox info in the cyrus
>>>> server...
>>>>
>>>>
When I checked the destination mailbox for that mail that was sent
>>>> from
>>>> her account; the message
headers did not show her username at all;
>>>> they were
showing that the message came from a whole different user
>>>> (evethough she typed in her correct username and
password at the login
>>>> screen).
>>>
>>> You probably mean the
From: header had an email
address that did not
>>> belong to her....?? You need to be
SPECIFIC about WHAT *EXACTLY* you
>>> checked and WHAT
*EXACTLY* did not match or we cannot accurately help
>>>
you.
>>
>> I mean every header (not just the FROM,
etc.) in that email has a
>> different username than the one
that logged in...
>> then when I tested myself, I user the
user's username and password and
>> it
>> logged in
as a complete different user (different from the username and
>> password that i typed and different from the one that was noted
when the
>> user realized that something was wrong.
>
> The headers in the mails she send contains the information in
her
> preference file. Examine the preference file for her account
at the server
> and then correct it.
>
>>>> When I tried to send from her account, the composed
window showed a
>>>> signature information that did not
belong to her; and this was not
>>>> even
>>>> the same account that prompted the support call; is was
like the sm
>>>> was
>>>> taking her
username and just opening random preferences files... what
>>>> is
>>>> odd is that the cyrus server
shows now record of those mails being
>>>> sent
>>>> from her account... log files say [squirrelmail
authenticated user
>>>> joe.doe] where her username was
mary.smith, for example.
>>>>
>>>> I was
not able to replicate this behavior a 3rd time, and it only
>>>> seemed
>>>> to be on her laptop.... I
have not gotten any other reports of such
>>>>
symptoms...
>>>>
>>>> Under what
conditions will squirrelmail take a username and password,
>>>> and pass them to a cyrus server as complete different
username and
>>>> password sets... and they are correct
sine the cyrus server took
>>>> them....
>>>
>>> It is not clear to me what you are
looking at, but my guess is that
>>> the user's preferences
have been changed/compromised, and that this
>>> has nothing
to do with the account username and password. If the user
>>> can log in on the login screen with her username and
password, then
>>> the IMAP server is not involved and the
problem is simply that the
>>> preferences have been
changed. This can happen by way of a known
>>> issue in SM
where preferences can be replaced by other users who log
>>>
in to the same SqurirelMail installation on a computer where another
>>> user on the same SquirrelMail server was already logged in.
The
>>> solution in this case is to manually reset the
user's preferences (by
>>> deleting the preference file or
asking the user to change them in the
>>> personal options
page) and to make it clear to all users that they
>>> should
LOG OUT before anyone else logs in to SquirrelMail from the
>>> same computer.
>>
>> The user was
working on a laptop that was assigned to her... she
>> said
that noone else has used that laptop... even if internet explorer
>> was
>> having a bug (remembering cookies or
something like that), somehow it
>> transformed her username
and password into someone else's...
>
> And she has never
used any other computer to open her webmail? Based on
> your
description of the problem I doubt that. Even though no one but her
> has used her computer, she must have used someone else's.
>
>> When I tested it, I closed her explorer and reopened it,
typed her
>> username and password and it let me login with
those credentials, but it
>> took me to a different user's
prefs... even the signature that you
>> append
>> to
the end of the messages was not hers... of course, it was that from
>> the other/wrong user...
>
> It was the
credentials specified in her accounts preference file, which
>
became corrupt when she used her account at someone else's computer.
Good morning, and thanks for the reply... yes, it is
defenitly possible that she used someone else's computer... so the
solution (as other replys expressed) would be just to delete her pref file
and let it be recreated at next login?
>
>>> If the user's account password was somehow compromised,
that has
>>> nothing to do with software and everything to
do with password
>>> strength and/or personal computer
security. Having the user change
>>> her password to
something new and secure is a good idea in this case.
>>>
>>>> Any help is much needed and appreciated.
>>>>
>>>> Thanks in advance and sorry for
the log post... but I think it is
>>>> necessary
>
> Sincerely,
> Fredrik
>
> PS.
Please don't post in HTML to the list (see:
>
<http://squirrelmail.org/postingguidelines>).
>
>
-------------------------------------------------------------------------
> SF.Net email is sponsored by:
> Check out the new
SourceForge.net Marketplace.
> It's the best place to buy or sell
services
> for just about anything Open Source.
>
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
> -----
> squirrelmail-users mailing list
> Posting
guidelines: http://squirrelmail.org/postingguidelines
> List
address: [email protected]
> List archives:
http://news.gmane.org/gmane.mail.squirrelmail.user
> List info
(subscribe/unsubscribe/change options):
>
https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
>
-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: [email protected]
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options):
https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
