Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Kerio Connect server being hacked (Mailserver hacked)
  •  
BasT

Messages: 1
Karma: 0
Send a private message to this user
It seems that our Kerio Connect mailserver is being hacked by out going spammers sending mail from Crying or Very Sad our mailserver. The server is updated to the latest release of Kerio Connect.
Are there any suggestions or forum items with some hints and tips ?

Thans in advance,

Bas
  •  
TorW

Messages: 769
Karma: 9
Send a private message to this user
Is this based on a hunch, readings in tea leaves or some kind of Spider-Man sense? I think we would need more details to help you out here ...
  •  
Yohann94

Messages: 49

Karma: 1
Send a private message to this user
We used to be hacked a year ago. The guy enter the smtp server by using a user named test (password test) that I had forgotten to delete. I remove this user (once I've found the hole) and never have been hacked again.
  •  
blackbox

Messages: 82
Karma: 0
Send a private message to this user
Are you able to view the "Sender-Host" within the logs? If so, where is the traffic coming from?

Is Configuration\SMTP Server\Relay Controls\SMTP relay options\ configured correctly?

Does the settings within SMTP relay options allow relaying for an IP range that includes your firewall/gateway?
  •  
robsik

Messages: 75

Karma: 0
Send a private message to this user
The main question is about details of your suspisions - some logs, examples and so on. The next question is if you have on your firewall control of outgoing SMTP - there is possibility that you have malware on your network on some desktops.
The question is about configuration of services on your KMS - have you SMTP SSL turn of or on? It looks that SMTP SSL doesn't use SMPT settings, so should be closed...

Robert
  •  
marook

Messages: 520

Karma: 3
Send a private message to this user
If you thinkg someone is miss-using one of your accounts, ask your users to change password!
Make sure users use a safe password!

Regards,

Jakob Peterhänsel
Consultant - Humac A/S

Apple Certified Support Professional (ACSP)
Apple Certified Technical Coordinator (ACTC)
AppleSeed/CQF member since 1998
Kerio Messaging Partner
  •  
giobbi

Messages: 90
Karma: 0
Send a private message to this user
Thats why not having a password policy in Kerio is insane. For gods sake Kerio - just infuse it plz.
Previous Topic: moving to new hardware
Next Topic: Kerio Connect and licence
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 21:03:21 CET 2017

Total time taken to generate the page: 0.00477 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.