Norm,

I've read your post earlier and thank you again for your superior 
knowledge on all topics, but is this really anything to 'worry' about? 
Do most clients get their dynamic IP addresses automatically changed 
every 15 minutes? I would think that would generate a lot of calls to 
ISP, etc. Are a lot of IMail servers being compromised?  I've seen the 
hacks used to compromise user pwds, etc., for IMail and still believe 
it's better overall than other options.

Thanks,

~Rick

Norman J. Nolasco wrote:

> Here it is again... see my earlier post...
> 
> http://support.ipswitch.com/kb/IM-20000523-DM01.htm
> 
> This brings up another previous issue.  I may be supplying email addresses
> soon to a large client base.  There are still other security holes in IMail
> that allow hackers to get your password, change your forwarding settings,
> change your vacation message, and a dozen other things that have been
> replicated by a few IMail Forum users.  That was months ago.  Any progress?
> 
> -Norm
> 
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Rick Leske
> Sent: Friday, June 14, 2002 8:05 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [IMail Forum] Possible security flaw
> 
> 
> Ok, what duh?.. I'm a little slow here.. "where is this check box" at 
> and do I check it to plug up this hole or leave it unchecked?  Is it in 
> the 7.1 IMail Web Messaging.. Ignore source address in security check? 
> that box?  Looks like a hack for AOL ....~~~shreek...gasp~~ ugh..  then 
> I discovered it's in the calendar area too!?!
> 
> tia,
> 
> ~Rick
> 
> John Tolmachoff wrote:
> 
> 
>>I had previously had a user that Ipswitch said to have him connect, to
>>uncheck that box to allow him to connect being that he was on Starband.
>>
>>Now that this has been confirmed to be a security hole, I am checking
>>that box and resubmitting this incident to Ipswitch. 
>>
>>They better come up with a fix soon.
>>
>>John Tolmachoff
>>IT Manager, Network Engineer
>>RelianceSoft, Inc.
>>Fullerton, CA  92835
>>www.reliancesoft.com
>>
>>-----Original Message-----
>>From: [EMAIL PROTECTED]
>>[mailto:[EMAIL PROTECTED]] On Behalf Of Stein Langlie
>>Sent: Friday, June 14, 2002 9:11 AM
>>To: [EMAIL PROTECTED]
>>Subject: Re: [IMail Forum] Possible security flaw
>>
>>I have replicated this issue.  This is exactly the type of scenario that
>>I am concerned about.  The referrer the guy was talking about was put
>>into his web log because someone was in your webmail and clicked on a
>>link.  Since the person was still logged in (and you have "check source
>>ip" unchecked) the iMail url the user was at could be used to enter that
>>user's e-mail session.  Scary stuff.  
>>
>>I don't want to alienate AOL users or other users who have IP address
>>changes from page to page - but perhaps I shouldn't worry about them and
>>just check the magic "check source ip" box.  Fortunately, the potential
>>for abuse lies primarily with network admins (the good guys), and not
>>spammers (bad guys).
>>
>>Cheers,
>>Stein Langlie
>>
>>
>>
>>
>>---------- Original Message ----------------------------------
>>From: "florida.com" <[EMAIL PROTECTED]>
>>Reply-To: [EMAIL PROTECTED]
>>Date:  Fri, 14 Jun 2002 09:50:57 -0400
>>
>>
>>
>>>Just got this email from a guy:  ( see below)
>>>
>>>I could not reproduce as I don't have same software on my server to
>>>readily access my referrers.
>>>Maybe someone can reproduce this?
>>>
>>>
>>>-----------------------------------------------------------------------
>>>
>>>>Dear Sir,
>>>>
>>>>When checking the incoming referrers from my website, I noticed that I
>>>>could get in one of your customers e-mail box:
>>>
>>>
>>>
>>>>http://email.florida.com:8383/Xaf34c89b9bc9cfcc98e81bcf27/button.cgi
>>>>
>>>>
>>>(session expired already  dk )
>>>
>>>
>>>Sincerely,
>>>
>>>David Kaleky
>>>
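
The trade-off discussed in this thread, as an added example that is not part of the original messages and not IMail's code: a toy session table whose token travels in the URL path, run with the source-IP check off and on. The class, host name, IP addresses, token layout (modelled on the URL quoted above) and the 900-second idle timeout are all assumptions made for illustration.

```python
import re
import secrets
from urllib.parse import urlparse

# Assumed token layout, modelled on the URL quoted in the thread:
# the first path segment is "X" followed by hex digits.
TOKEN_RE = re.compile(r"^/(X[0-9a-f]+)/")

class WebmailSessions:
    """Toy session table (hypothetical, not IMail's implementation)."""

    def __init__(self, check_source_ip, idle_timeout=900):
        self.check_source_ip = check_source_ip
        self.idle_timeout = idle_timeout      # assumed value, in seconds
        self._sessions = {}                   # token -> [login_ip, last_seen]

    def login(self, client_ip, now):
        token = "X" + secrets.token_hex(13)
        self._sessions[token] = [client_ip, now]
        return token

    def authorize(self, url, client_ip, now):
        """Return 'ok', 'expired', 'ip-mismatch' or 'no-session'."""
        m = TOKEN_RE.match(urlparse(url).path)
        entry = self._sessions.get(m.group(1)) if m else None
        if entry is None:
            return "no-session"
        login_ip, last_seen = entry
        if now - last_seen > self.idle_timeout:
            del self._sessions[m.group(1)]
            return "expired"
        if self.check_source_ip and client_ip != login_ip:
            return "ip-mismatch"              # rejected requests do not refresh the session
        entry[1] = now
        return "ok"

def replay_outcomes(check_source_ip):
    """Constructed scenario: the session URL has leaked through a Referer header."""
    s = WebmailSessions(check_source_ip)
    token = s.login("198.51.100.10", now=0)
    # The URL as it would appear in a third-party site's referrer log.
    leaked = f"http://mail.example.test:8383/{token}/button.cgi"
    return {
        "third_party_replay": s.authorize(leaked, "203.0.113.77", now=60),
        "owner_same_ip": s.authorize(leaked, "198.51.100.10", now=120),
        "owner_new_proxy_ip": s.authorize(leaked, "198.51.100.23", now=180),
        "after_idle_timeout": s.authorize(leaked, "198.51.100.10", now=5000),
    }
```

With the check off, the URL alone is the credential until the session idles out; with it on, the replay is refused, and so is the legitimate user whose address changes between pages.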

