On Dec 18, 2007 6:57 AM, Rafael Mahecha <mahecha@xxxxxxxxx> wrote: > On Tue, December 18, 2007 4:39 am, Fredrik Jervfors wrote: > >>>> I guess I'll start with a short greeting to all out there... > >>>> and just so you know, this is my first post. > >>>> > >>>> As a background info, here is my configtest.php > >>>> > >>>> SquirrelMail configtest > >>>> > >>>> This script will try to check some aspects of your SquirrelMail > >>>> configuration and point you to errors whereever it can find them. You > >>>> need to go run conf.pl in the config/ directory first before you run > >>>> this script. > > > > [Snip] > > > >>>> Now the problem... we've been using sm for about a year, with good > >>>> results... this morning I was called to help a user how claimed that > >>>> the > >>>> emails that she was sending were being delivered as a coming from a > >>>> different user; she was running ie 6 (I think), and she was the only > >>>> person using her computer (so that rules out some one else using it > >>>> and > >>>> letting ie save their username and passwords to login to sm). > >>>> > >>>> In general our sm talkes to our cyrus server... all sm settings are > >>>> stored in the sm server and all other mailbox info in the cyrus > >>>> server... > >>>> > >>>> When I checked the destination mailbox for that mail that was sent > >>>> from > >>>> her account; the message headers did not show her username at all; > >>>> they were showing that the message came from a whole different user > >>>> (evethough she typed in her correct username and password at the login > >>>> screen). > >>> > >>> You probably mean the > From: header had an email address that did not > >>> belong to her....?? You need to be SPECIFIC about WHAT *EXACTLY* you > >>> checked and WHAT *EXACTLY* did not match or we cannot accurately help > >>> you. > >> > >> I mean every header (not just the FROM, etc.) in that email has a > >> different username than the one that logged in... > >> then when I tested myself, I user the user's username and password and > >> it > >> logged in as a complete different user (different from the username and > >> password that i typed and different from the one that was noted when the > >> user realized that something was wrong. > > > > The headers in the mails she send contains the information in her > > preference file. Examine the preference file for her account at the server > > and then correct it. > > > >>>> When I tried to send from her account, the composed window showed a > >>>> signature information that did not belong to her; and this was not > >>>> even > >>>> the same account that prompted the support call; is was like the sm > >>>> was > >>>> taking her username and just opening random preferences files... what > >>>> is > >>>> odd is that the cyrus server shows now record of those mails being > >>>> sent > >>>> from her account... log files say [squirrelmail authenticated user > >>>> joe.doe] where her username was mary.smith, for example. > >>>> > >>>> I was not able to replicate this behavior a 3rd time, and it only > >>>> seemed > >>>> to be on her laptop.... I have not gotten any other reports of such > >>>> symptoms... > >>>> > >>>> Under what conditions will squirrelmail take a username and password, > >>>> and pass them to a cyrus server as complete different username and > >>>> password sets... and they are correct sine the cyrus server took > >>>> them.... > >>> > >>> It is not clear to me what you are looking at, but my guess is that > >>> the user's preferences have been changed/compromised, and that this > >>> has nothing to do with the account username and password. If the user > >>> can log in on the login screen with her username and password, then > >>> the IMAP server is not involved and the problem is simply that the > >>> preferences have been changed. This can happen by way of a known > >>> issue in SM where preferences can be replaced by other users who log > >>> in to the same SqurirelMail installation on a computer where another > >>> user on the same SquirrelMail server was already logged in. The > >>> solution in this case is to manually reset the user's preferences (by > >>> deleting the preference file or asking the user to change them in the > >>> personal options page) and to make it clear to all users that they > >>> should LOG OUT before anyone else logs in to SquirrelMail from the > >>> same computer. > >> > >> The user was working on a laptop that was assigned to her... she > >> said that noone else has used that laptop... even if internet explorer > >> was > >> having a bug (remembering cookies or something like that), somehow it > >> transformed her username and password into someone else's... > > > > And she has never used any other computer to open her webmail? Based on > > your description of the problem I doubt that. Even though no one but her > > has used her computer, she must have used someone else's. > > > >> When I tested it, I closed her explorer and reopened it, typed her > >> username and password and it let me login with those credentials, but it > >> took me to a different user's prefs... even the signature that you > >> append > >> to the end of the messages was not hers... of course, it was that from > >> the other/wrong user... > > > > It was the credentials specified in her accounts preference file, which > > became corrupt when she used her account at someone else's computer. > > > Good morning, and thanks for the reply... yes, it is defenitly possible that > she used someone else's computer... so the solution (as other replys > expressed) would be just to delete her pref file and let it be recreated at > next login? It was already explained more than once. Yes, delete the prefs file OR have the user go to the Personal Preferences (and/or Display Preferences) page and fix the prefs from there. The first solution will work for certain because the prefs get wiped, whereas the second solution assumes the user is competent enough to fix their own preferences. > >>> If the user's account password was somehow compromised, that has > >>> nothing to do with software and everything to do with password > >>> strength and/or personal computer security. Having the user change > >>> her password to something new and secure is a good idea in this case. > >>> > >>>> Any help is much needed and appreciated. > >>>> > >>>> Thanks in advance and sorry for the log post... but I think it is > >>>> necessary > > > > Sincerely, > > Fredrik > > > > PS. Please don't post in HTML to the list (see: > > <http://squirrelmail.org/postingguidelines>). ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ----- squirrelmail-users mailing list Posting guidelines: http://squirrelmail.org/postingguidelines List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List archives: http://news.gmane.org/gmane.mail.squirrelmail.user List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
