Results 1 to 5 of 5

Thread: Security issue

  1. #1
    esantos's Avatar
    esantos is offline Senior Member
    Join Date
    Aug 2010
    Location
    Monterrey, Mexico
    Posts
    68
    Rep Power
    4

    Question Security issue

    Hi you all

    I'm experiencing a security issue I don't know where to start to ditch.

    At the beginning I didn't spend a substantial time configuring the
    security measures in my NE installation, so probably I'm not quite
    aware on what I need to focus.

    Today, I received an email from "myself" (notice semicolons), the email
    content was an advertisement what I'm not aware.

    My concern is, why this is possible? Somebody or something is passing trough
    the MTA and sending emails targeting the account itself.

    But that's not all that's up for grabs...what more can be done without my supervision???

    Please, give my your measure about this problem

    Thanks in advance :=Poko=:

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,480
    Rep Power
    56

    Default

    You need to post some information and you can start with the exact version of Zimbra that you're using, the headers (show original) of an email and some details from the log files that show where this message came from.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    esantos's Avatar
    esantos is offline Senior Member
    Join Date
    Aug 2010
    Location
    Monterrey, Mexico
    Posts
    68
    Rep Power
    4

    Default Getting info

    That's precisely the information I wish to get and I don't know how to get.

    I took a look around the mailbox.log.date and what I saw is inaccurate information. What do you suggest?

    Thanks

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,480
    Rep Power
    56

    Default

    Quote Originally Posted by esantos View Post
    That's precisely the information I wish to get and I don't know how to get.
    I've already told you, do a Show Original on one of these emails - that will give you all the headers. Look in the log files for the message, you can check for that particular email or check round about the time it was received.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    esantos's Avatar
    esantos is offline Senior Member
    Join Date
    Aug 2010
    Location
    Monterrey, Mexico
    Posts
    68
    Rep Power
    4

    Default

    Yep, I found the trace...
    the mail comes from @brascobra.com.br http://www.brascobra.com.br

    The reply address targets to "@eur-cvlist.com" and its nothing more than phishing.

    There are some information aboutfor the records)
    Dynamoo's Blog: Fake jobs: eur-cvlist.com, gr-hire.com and world-cvlist.com

    Thanks Phoenix! :-Poko-:

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Is LMTP On External Interface A Security Issue?
    By freedomics in forum Installation
    Replies: 2
    Last Post: 08-27-2007, 12:37 PM
  2. Open Relay Help & Telnet Security Issue
    By OfMacAndMen in forum Installation
    Replies: 17
    Last Post: 07-10-2007, 07:51 PM
  3. DelegateAuth in audit.log
    By Krishopper in forum Administrators
    Replies: 2
    Last Post: 05-17-2007, 05:08 AM
  4. Security Vulnerability Alert
    By jholder in forum Announcements
    Replies: 0
    Last Post: 04-21-2007, 01:34 PM
  5. Intermittent issue (issue# 5852) ?
    By nick20 in forum Installation
    Replies: 1
    Last Post: 02-08-2006, 02:47 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •