Security issue

[esantos]

Hi you all

I'm experiencing a security issue I don't know where to start to ditch.

At the beginning I didn't spend a substantial time configuring the
security measures in my NE installation, so probably I'm not quite
aware on what I need to focus.

Today, I received an email from "myself" (notice semicolons), the email
content was an advertisement what I'm not aware.

My concern is, why this is possible? Somebody or something is passing trough
the MTA and sending emails targeting the account itself.

But that's not all that's up for grabs...what more can be done without my supervision???

Please, give my your measure about this problem

Thanks in advance :=Poko=:

[phoenix]

You need to post some information and you can start with the exact version of Zimbra that you're using, the headers (show original) of an email and some details from the log files that show where this message came from.

[esantos]

That's precisely the information I wish to get and I don't know how to get.

I took a look around the mailbox.log.date and what I saw is inaccurate information. What do you suggest?

Thanks

[phoenix]

Quote:

Originally Posted by esantos

That's precisely the information I wish to get and I don't know how to get.

I've already told you, do a Show Original on one of these emails - that will give you all the headers. Look in the log files for the message, you can check for that particular email or check round about the time it was received.

[esantos]

Yep, I found the trace...
the mail comes from @brascobra.com.br http://www.brascobra.com.br

The reply address targets to "@eur-cvlist.com" and its nothing more than phishing.

There are some information aboutfor the records)
Dynamoo's Blog: Fake jobs: eur-cvlist.com, gr-hire.com and world-cvlist.com

Thanks Phoenix! :-Poko-: