We've seen an increase in hackers using IMAP interface to hack POP accounts. IMAP or POP is automatically turned on in Mailenable, so I find no way to limit account login to just POP/SMTP protocol.
Is there a way to disable IMAP on a per-account basis? Otherwise, I'm having issues figuring out how to keep them out (other than blocking IP ranges in the server firewall).
IMAP seems to be an easy avenue for hackers to hack away at our user accounts - had one hacked last night. I only have a handful of IMAP users, mostly POP users - I see no way to disable IMAP for my POP users (that would be helpful, I think), so I'm at a loss about how to defend my POP users.
Anyone have any ideas about this? Any help appreciated.
Hackers using IMAP
-
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: Hackers using IMAP
Hi,
How do you know that IMAP is the avenue for the hackers? Do you see anything in particular in the IMAP log files? If you need to restrict IMAP at the postoffice/mailbox level then you will need to Enterprise edition for this feature. Also what version of MailEnable Professional are you running?
How do you know that IMAP is the avenue for the hackers? Do you see anything in particular in the IMAP log files? If you need to restrict IMAP at the postoffice/mailbox level then you will need to Enterprise edition for this feature. Also what version of MailEnable Professional are you running?
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support
Re: Hackers using IMAP
Ian,
I'm still on version 9.53
In the IMAP logs, I see many failed login attempts. Occasionally I see authentication, like this morning when I saw one user's account get hacked - German IP - all messages downloaded.
So this version doesn't allow me to disable IMAP? I need to upgrade?
I'm still on version 9.53
In the IMAP logs, I see many failed login attempts. Occasionally I see authentication, like this morning when I saw one user's account get hacked - German IP - all messages downloaded.
So this version doesn't allow me to disable IMAP? I need to upgrade?
-
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: Hackers using IMAP
Hi,
Firstly you need to upgrade 9.81 to address security issues and problems in MailEnable core services. Answering your question about disabling IMAP you can only do this globally in Professional. You need to upgrade to Enterprise for disabling it at the postoffice or mailbox level.
Firstly you need to upgrade 9.81 to address security issues and problems in MailEnable core services. Answering your question about disabling IMAP you can only do this globally in Professional. You need to upgrade to Enterprise for disabling it at the postoffice or mailbox level.
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support