Search  
You are here:  Forums    
Latest Posts Minimize
RE: Multiple copies being sent + smtp 451 by gyroscopes on 12-03-2008 11:23 PM
RE: connection limit? by RemyV on 12-03-2008 9:28 PM
connection limit? by NateDawg on 12-03-2008 7:38 PM
RE: Multiple copies being sent + smtp 451 by gyroscopes on 12-02-2008 12:00 AM
RE: vbs script for deleting users with MLSRVX.DLL by SteveT on 12-01-2008 11:04 PM
RE: Export server and users configuration by SteveT on 12-01-2008 11:00 PM
Multiple copies being sent + smtp 451 by gyroscopes on 12-01-2008 10:02 PM
Export server and users configuration by gcvoiron on 12-01-2008 8:46 AM
RE: vbs script for deleting users with MLSRVX.DLL by krommetje on 11-30-2008 3:02 PM
I can send, but can't receive by amanda on 11-29-2008 9:26 PM

Top 10 Links Minimize

ArGoStuff User to User Support Forums Minimize
Forums > General Discussion Forums > ArGoSoft Mail Server
Subject: Mail Server Hacked!
Prev Next
You are not authorized to post a reply.

Author Messages
Oyster

Posts: 4
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
09-17-2008 4:00 PM  

Hi, I have been using Argosoft mailserver for a short while and twice, in the span of 10 days, it has been hacked by outside sources (many added new/fake users) causing blacklisting of our IP = most mail we send gets 'bounced' by the recipients servers because we are now blacklisted.

After the first time, I checked our server with 3 different antivirus programs and nothing was found. I had our IP cleared by the powers that be - and just 3 days later was hacked again. Our only way out of permanent blacklist is to now change our IP!

What other server or Mailserver or firewall settings are there to prevent this from ever happening again?

Thanks
mcorrow
Forum Moderator
Posts: 240
Online: User is Offline
ArGoNuke Lt. JG
ArGoNuke Lt. JG
09-17-2008 4:11 PM  
I'm sure that you thought of this, but did you change the server passwords?
Matt
Oyster

Posts: 4
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
09-17-2008 5:17 PM  

Yes, today I changed the password but have not turned the server on. I want to see if there are more changes offered on this forum before doing so. Thanks!
mcorrow
Forum Moderator
Posts: 240
Online: User is Offline
ArGoNuke Lt. JG
ArGoNuke Lt. JG
09-17-2008 5:24 PM  
We got hacked once, immediately changed the passwords, and have not been again..(of course that's not to say that it couldn't happen)...
Matt
Oyster

Posts: 4
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
09-17-2008 6:03 PM  

I was thinking, as an added security feature, that the number of mail accounts could be set to,
say 4, then locked, so that no one could ADD an arbitrary number of spam accounts.

If there IS such a setting or an .ini file parameter, I would like to know.

...something to munch on...
SteveT
Forum Administrator

Posts: 2583
Online: User is Offline
ArGoNuke Admiral
ArGoNuke Admiral
09-17-2008 7:17 PM  
Did you disable the creation of user accounts from the Web interface? Tools -> User & Domains -> Right click & select properties. You will see an options for "Allow Creation of accounts from web interface". Also for Web Administration, you can turn this on/off per domain and be sure to set a good strong password. Also set an Admin Password. If you do not use Web Administration, then you can disable that all together.
Top Cat Computing BOINC Team StatsRegards,
Steve Topilnycky
Top Cat Computing
http://www.topcatcomputing.com
Oyster

Posts: 4
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
09-17-2008 9:22 PM  

Sorry, I should have specified: I have disabled imap and webmail.

Our setup is only for a small number (<5) of local, static employees.

We all use Outlook or OE clients locally

Thanks!
SteveT
Forum Administrator

Posts: 2583
Online: User is Offline
ArGoNuke Admiral
ArGoNuke Admiral
09-17-2008 10:14 PM  
Just trying to cover all the bases.
Top Cat Computing BOINC Team StatsRegards,
Steve Topilnycky
Top Cat Computing
http://www.topcatcomputing.com
DougD

Posts: 4
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
09-19-2008 11:28 AM  
If you are running the mail server pro you need to go into the web templates and remove the "newuser.htm" or "addnewuser.htm" teplate that should fix the hacking problem. happend to me as well when I was using pro version.
You are not authorized to post a reply.
Forums > General Discussion Forums > ArGoSoft Mail Server > Mail Server Hacked!


ActiveForums 3.7

Donations Minimize

Find our site useful? Make a donation to show your support

Donate

logo_ccMC.giflogo_ccVisa.giflogo_ccDiscover.giflogo_ccAmex.gif

ArGoStuff Supporters

 

News from ArGoSoft Minimize
1 2 3 4 5 6 7

Mail Server Pro v1.8.9.6
  • Improved Export to .NET function - sometimes email messages were not getting exported, because the database of email messages was not up to date. Now each folder gets rebuilt before the export function;
12/2/2008 11:19:02 PM
Email Address Validator

We have discontinued our email address validation service, and launched new web site:

http://www.emailaddressvalidator.com

It provides the web service interface to validate lists of email addresses. We hope that our service will help to reduce unwanted traffic on Internet, ensuring that mail is sent only to valid and legitimate addresses.

Sign up now, and get 150 free validations!

11/25/2008 10:13:02 AM
Mail Server v1.0.5.8

Mail Server

  • Mailbags now have an option to accept mail only when specified server is down - will help to fight with spam which attempt to deliver mail bypassing the main server;
  • When delivering mail, if main exchanger returns 4xx reply (temporary problem), the server will not try other exchangers, will retry later the main exchanger;
  • Server options moved from registry to a XML file. 64 bit versions of Vista and 2008 server appear to be having access rights problems to the Windows registry, and the change will make our server more compatible with 64 bit versions;
  • Added an option to specify the number of lines on the log screen, when using the user interface. Was causing memory problems if left running for long time;
  • Fixed couple of problems, which were showing when SQL server was set up to use case sensitive SQL statements;
  • Made changes in the remoting interface to allow logging in using aliases;

Web Interface

  • Made changes to allow logging in using aliases;
  • When viewing folders, web interface now displays the name of logged in user;
11/12/2008 2:31:31 PM
FTP Server v1.0.1.6
  • Server settings have been moved from registry to the XML file, which will be located in the common application data directory. 64 bit versions of Windows were having trouble writing into the registry; similar change is coming to the mail server;
  • If used, XML files (Users.XML, Groups.XML and ServerOptions.XML) will also be moved to the common application data directory;
11/8/2008 11:41:29 PM
FTP Server v1.0.1.5
  • When performing active data transfers on systems with multiple IP addresses, data connections were using first available IP address, rather than one on which the control connection was active. It was causing confusion with firewalls and routers;
11/2/2008 9:39:24 PM

1 2 3 4 5 6 7

Protect Your Computer today withGet AVG Today


Home:ArGoStuff:Forums:Articles:Cyber Security Tips:FAQ:Downloads:Links
Copyright 2006-2008 by ArGoStuff Terms Of Use Privacy Statement