Re: is it possible for sm to pass the wrong username and password to cyrus?

On Dec 11, 2007 10:51 PM, Rafael Mahecha <mahecha@xxxxxxxxx> wrote:
> I guess I'll start with a short greeting to all out there... and just so you
> know, this is my first post.
>
> As background info, here is my configtest.php
>
>
>
>
>
> SquirrelMail configtest
>
> This script will try to check some aspects of your SquirrelMail
> configuration and point you to errors whereever it can find them. You need
> to go run conf.pl in the config/ directory first before you run this script.
>
>
>  SquirrelMail version: 1.4.8-4.0.1.el4.centos
>  Config file version: 1.4.0
>  Config file last modified: 11 December 2007 23:50:48 Checking PHP
> configuration...
>     PHP version 4.3.9 OK.
>     PHP extensions OK.
> Checking paths...
>     Data dir OK.
>     Attachment dir OK.
>
>
>     ERROR: You have enabled the msg_flags plugin but I cannot read its
> setup.php file.     Plugins OK.
>     Themes OK.
>     Default language OK.
>     Base URL detected as: https://webmail.jsums.edu/webmail/src (location
> base autodetected)
> Checking outgoing mail service....
>     SMTP server OK (220 ccaix.jsums.edu ESMTP Sendmail 8.13.1/8.13.1; Wed,
> 12 Dec 2007 00:24:39 -0600)
> Checking IMAP service....
>     IMAP server ready (* OK ccaix.jsums.edu Cyrus IMAP4
> v2.2.12-Invoca-RPM-2.2.12-8.1.RHEL4 server ready)
>     Capabilities: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+
> MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN
> MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE
> IDLE AUTH=PLAIN SASL-IR LISTEXT LIST-SUBSCRIBED X-NETSCAPE
> Checking internationalization (i18n) settings...
>      gettext - Gettext functions are available. You must have appropriate
> system locales compiled.
>      mbstring - Mbstring functions are available.
>      recode - Recode functions are unavailable.
>      iconv - Iconv functions are available.
>      timezone - Webmail users can change their time zone settings.
> Checking database functions...
>     not using database functionality.
>
>
> Congratulations, your SquirrelMail setup looks fine to me!
>
> Login now
>
>
> Now the problem... we've been using sm for about a year, with good
> results... this morning I was called to help a user who claimed that the
> emails that she was sending were being delivered as coming from a
> different user; she was running ie 6 (I think), and she was the only person
> using her computer (so that rules out someone else using it and letting ie
> save their username and passwords to login to sm).
>
> In general our sm talks to our cyrus server... all sm settings are stored
> in the sm server and all other mailbox info in the cyrus server...
>
> When I checked the destination mailbox for that mail that was sent from her
> account; the message headers did not show her username at all; they were
> showing that the message came from a whole different user (even though she
> typed in her correct username and password at the login screen).

You probably mean the From: header had an email address that did not
belong to her....??  You need to be SPECIFIC about WHAT *EXACTLY* you
checked and WHAT *EXACTLY* did not match or we cannot accurately help
you.

> When I tried to send from her account, the compose window showed
> signature information that did not belong to her; and this was not even the
> same account that prompted the support call; it was like the sm was taking
> her username and just opening random preferences files... what is odd is
> that the cyrus server shows no record of those mails being sent from her
> account... log files say [squirrelmail authenticated user joe.doe] where her
> username was mary.smith, for example.
>
> I was not able to replicate this behavior a 3rd time, and it only seemed to
> be on her laptop.... I have not gotten any other reports of such symptoms...
>
> Under what conditions will squirrelmail take a username and password, and
> pass them to a cyrus server as completely different username and password
> sets... and they are correct since the cyrus server took them....

It is not clear to me what you are looking at, but my guess is that
the user's preferences have been changed/compromised, and that this
has nothing to do with the account username and password.  If the user
can log in on the login screen with her username and password, then
the IMAP server is not involved and the problem is simply that the
preferences have been changed.  This can happen by way of a known
issue in SM where preferences can be replaced by other users who log
in to the same SquirrelMail installation on a computer where another
user on the same SquirrelMail server was already logged in.  The
solution in this case is to manually reset the user's preferences (by
deleting the preference file or asking the user to change them in the
personal options page) and to make it clear to all users that they
should LOG OUT before anyone else logs in to SquirrelMail from the
same computer.

If the user's account password was somehow compromised, that has
nothing to do with software and everything to do with password
strength and/or personal computer security.  Having the user change
her password to something new and secure is a good idea in this case.

> Any help is much needed and appreciated.
>
> Thanks in advance and sorry for the long post... but I think it is necessary
>
>
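
An added example, not part of the original message or of SquirrelMail itself: one way an administrator could look for preference files that carry another user's identity, as in the overwritten-preferences scenario described in the reply. It assumes file-based preferences stored as `<username>.pref` with `key=value` lines and an `email_address` key; the directory contents, the `example.org` addresses and the function names are constructed for illustration.

```python
import os
import tempfile

def parse_pref(path):
    """Read the key=value lines of one preference file into a dict."""
    prefs = {}
    with open(path, encoding="utf-8", errors="replace") as fh:
        for line in fh:
            key, sep, value = line.rstrip("\n").partition("=")
            if sep:
                prefs[key] = value
    return prefs

def audit_prefs(data_dir):
    """Return (owner, email_address, severity) for pref files whose stored
    identity does not match the account that owns the file."""
    owners = {f[:-5] for f in os.listdir(data_dir) if f.endswith(".pref")}
    known = {o.lower() for o in owners}
    findings = []
    for owner in sorted(owners):
        prefs = parse_pref(os.path.join(data_dir, owner + ".pref"))
        email = prefs.get("email_address", "")
        local = email.split("@", 1)[0].lower()
        if not local or local == owner.lower():
            continue  # unset, or identity matches the owner
        # An identity naming a different local account is the strongest
        # sign that one user's preferences replaced another's.
        severity = "other-user" if local in known else "mismatch"
        findings.append((owner, email, severity))
    return findings

def demo():
    """Build a constructed data directory and audit it."""
    sample = {
        "mary.smith": "full_name=Joe Doe\nemail_address=joe.doe@example.org\n",
        "joe.doe": "full_name=Joe Doe\nemail_address=joe.doe@example.org\n",
        "ann.lee": "email_address=alee@example.org\n",
        "bob": "show_html_default=1\n",
    }
    with tempfile.TemporaryDirectory() as data_dir:
        for user, body in sample.items():
            with open(os.path.join(data_dir, user + ".pref"), "w") as fh:
                fh.write(body)
        return audit_prefs(data_dir)

if __name__ == "__main__":
    for owner, email, severity in demo():
        print(f"{owner}.pref: email_address={email} [{severity}]")
```

A "mismatch" result may be a legitimate alias the user configured; "other-user" results are the ones to compare against the IMAP and web server logs before resetting the preference file.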
