Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: More a hacker/security question than a Zimbra issue

  1. #11
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    I guess that would imply someone trying to guess a password via port 143 (IMAP) which, according to your earlier post, isn't accessible from external to your LAN. Is that an IP address you recognise? According to a geoip location it's an IP in New Delhi, India - a common source of bots/spammers.

    If you have access to your IMAP server from outside the LAN you should also be using IMAPS not IMAP for security.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  2. #12
    Join Date
    Sep 2007
    Posts
    7
    Rep Power
    8

    Default

    Seems like the admin account is locked out because of too many login attempts on the IMAP port.

    I hereby moved my own account to a 'user type account' and created a new admin account; not named admin to prevent future lockout.

    I blame myself for the consequences of this setup.

  3. #13
    Join Date
    Sep 2007
    Posts
    7
    Rep Power
    8

    Default

    Noticed very sharp, Bill.
    Indeed I need to admit my IMAP and IMAP(S) ports are also open.

  4. #14
    Join Date
    Sep 2007
    Posts
    7
    Rep Power
    8

    Default

    The lockout of the account could have been prevented or could have had less impact on the administration of the server if the lockout would have been either temporary (like an hour or so) or if it the lockout would be on
    a combination of the user account and the IP address making the request.

    Anyway; locking out the admin is ALWAYS better than a comprimised mailserver

    Thanks for your feedback!

Similar Threads

  1. [SOLVED] Postfix unavailable - queue down
    By pmona in forum Administrators
    Replies: 20
    Last Post: 01-21-2010, 10:03 PM
  2. postfix relay=none status=bounced for local mails
    By vdd in forum Administrators
    Replies: 1
    Last Post: 08-06-2009, 09:05 AM
  3. dspam logrotate errors
    By michaeln in forum Users
    Replies: 7
    Last Post: 02-19-2007, 12:45 PM
  4. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 10:39 AM
  5. Unable to start tomcat
    By chanck in forum Administrators
    Replies: 11
    Last Post: 06-11-2006, 01:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •