MailEnable Security

Feb 25, 2007

I didn't see this posted anywhere here so I just thought I'd give everyone who uses MailEnable a heads up. If you are not using the most up to date version of MailEnable, run to [url] and download it.

I have seen couple of dozen boxes getting infected because they had a MailEnable Standard 1.95 for instance (or Professional 2.11), or anything else that's not up to date. Virus(es) are severe and will cause you a lot of problems... if your server still hasn't been infected and you're not using the latest MailEnable, go upgrade right away!

If you are a hosting company and are using Plesk 7.6.1 you definitely have your helpdesk swapped by now. Biggest problem is that Plesk 7.6.1 comes with MailEnable Std 1.95 where the latest version is 1.981. I have seen servers that were clean OS installs, Plesk 7.6.1 installed and 5 minutes after the box was compromised.

If you are still able to access the box by RDP (or have access to it locally), make sure to disable MailEnable SMTP Relay Service. This is not a part of MailEnable and if you don't disable it you won't be able to remove rdriv.sys from your system32 directory which does quite something to your server. Also check for following:

C:windowssystem32a.exe
C:windowssystem32ot.exe
C:windowssystem32w.exe
C:windowssystem32gethashes.exe
C:windowssystem32getsyskey.exe
C:windowssystem32
c.exe
C:windowssystem32
driv.sys
C:windowssystem32start.bat

Make sure you don't have script1.txt in system32, and if you have it make sure to remove it. It contains:

open XXX.XXX.XXX.XXX (IP edited away by Boon Chuan to prevent abuse)
user anonymous
anonymous@on.the.net
lcd c:windowssystem32
get explorer.exe
get runservice_bis.dll
get kill.exe
get fport.exe
get hyberport.exe
get JASFV.INI
bye

Nothing has been heard from SWsoft about this issue yet...

View 6 Replies


ADVERTISEMENT

Helm - MailEnable

Dec 5, 2008

when i click "Email Accounts" section in Helm see "Failed to get Email Accounts",also cant add any new Email Account,
Helm Log:

Cannot create ActiveX component. at Microsoft.VisualBasic.Interaction.CreateObject(String ProgId, String ServerName) at MailEnable.Administration.Mailbox.GetAutoResponderStatus() at WHA.Helm.Providers.MailEnableProvider.MailEnableEngine.GetAccount(String name) at WHA.Helm.Providers.MailEnableProvider.MailEnableEngine.GetAccountList() at MailEnableProvider.ListEmailAccounts(ProviderData CommandData) ......

View 3 Replies View Related

Antispam Fro MailEnable

Jun 18, 2007

free antispam tool for my MailEnable mail server.

I have found Pinta which claims to be an antispam software for MailEnable mail servers.

Did anyone heard of them? Is it safe? Does it do the work?

If you know any other antispam software

View 8 Replies View Related

MailEnable To HMail

Jun 15, 2007

I have MailEnable free on a windows server with Plesk 8.1.

I need IMAP so I thought at hMail. The problem:

I need to copy all the mail content to hMail as I understand Plesk will copy all the accounts except the mail content.

I have found that I can use some vbs from PMM but that requires me to know all the accounts passwords and to do manually every backup/restore for all the e-mails.

Is there an other way to switch to hMail without loosing the mail content ? (IMAPCopy is not an option as it need IMAP and that is not present in MailEnable free, and also needs all all the passwords for all the accounts).

An other problem, I do not have an other windows server so I cannot use Plesk Migration Manager to migrate accounts and then migrate back.

View 2 Replies View Related

Malicious Mail Sent Out Via MailEnable On Localhost

Jun 5, 2008

we received a report of a malicious mail being sent from our servers. Problem is that the sender and recipients are not hosted with us. What I'm trying to find out is how the mail got sent out. The ME logs shows that the connection was made from 127.0.0.1 to the smtp service, but that's it.

We don't run mail services (pop3/imap/webmail) on the web servers, if that helps any. Have run out of ideas after sifting thru lots of logs (was trying to find if anyone called an application to send the mail and attachments out), but came up empty.

View 7 Replies View Related

Setup MailEnable To Use External Mailserver For A Domain

Jul 9, 2009

SmarterMail 5.x is setup on one of our servers into Plesk 9.2. Just wondering how I configure a domain to use an external mailserver.

For example, the domain mydomain.org is running it's own extermal
mailservers;

mail.mydomain.org
mail2.mydomain.org

In MailEnable I would do the following;

- Start | Programs | Mailenable Administrator

- MailEnable | MailEnable Management | Messaging Manager | Post Offices

- Expand the mydomain.org domain

- Right-click the Domains folder and choose 'Properties"

- Select the 'domain is disabled' checkbox

- Select the 'Act as Smart Host'
checkbox

- In the 'Redirect mail to' textarea enter in the external
mailserver names;

mail.mydomain.org
mail2.mydomain.org

How can I configure SmarterMail to use the external mailservers of a domain?

View 0 Replies View Related

Mailenable : Copy All Inbound / Outbound Email

Feb 16, 2007

I'm using the free edition of MailEnable and need to configure each post office to copy all incoming and outgoing email to one of the email accounts on the same post office.

Is there a way to configure this ?

I know I can configure mail forwarding on incoming mail per account but need to do it for all acounts (except the audit account).

e.g. anythinghere@dbnetsolutions.co.uk
incoming or outgoing would be copied to audit@dbnetsolutions.co.uk

View 0 Replies View Related

Mailenable Possibly Sending Out Spam But Nothing In Logs

Feb 22, 2007

My server running mailenable is possibly sending out spam because ive had a returned mail saying my IP is on a blacklist at CBL.

IP Address 64.X.X.10 was found in the CBL.

It was detected at 2007-02-17 13:00 GMT (+/- 30 minutes), approximately 5 days, 5 hours, 30 minutes ago.

However when i checked my smtp and pop logs i only see small ammounts of mail thats been delivered.

When I run the netstat command have the following connections. The ones to the .nl domain looks strange

C:Documents and SettingsAdministrator>netstat

Active Connections

Proto Local Address Foreign Address State
TCP server:telnet server.indis.nl:3409 CLOSE_WAIT
TCP server:telnet server.indis.nl:3410 CLOSE_WAIT
TCP server:epmap dsl10-037.express.oricom.ca:2253 ESTABLISHED
TCP server:1121 ipchicken.com:http CLOSE_WAIT
TCP server:1122 ipchicken.com:http CLOSE_WAIT
TCP server:1136 ipchicken.com:http CLOSE_WAIT
TCP server:1138 ipchicken.com:http CLOSE_WAIT
TCP server:1199 ecostumeshop.com:domain ESTABLISHED
TCP server:telnet server.indis.nl:3326 CLOSE_WAIT

View 2 Replies View Related

Plesk 11.x / Windows :: Restore MailEnable Accounts

Oct 16, 2013

Next error:

C:Windows>"%plesk_bin%mchk.exe" --all --fix=all
Data error (cyclic redundancy check). (Error code 23) at BCryptDecrypt()

I restore all mail accounts from backup and use this command : "%plesk_bin%mchk.exe" --all --fix=all

How can I fix this?

View 3 Replies View Related

Plesk 11.x / Windows :: MailEnable Standard Known Limits?

Nov 7, 2013

Any LIMITS using MailEnable regarding hosting. How many domains (or maximum users) can serve?

I come from a Merak mail server solution .... with about 400 domains and 3000 users .... and I must admit that the server has had some problems.

Plesk provides MailEnable Standard edition .... but according to the Feature Comparison in this version .... should not be present IMAP ???

[URL] ....

I can use IMAP for customers?

View 2 Replies View Related

Plesk 12.x / Windows :: MailEnable Locate Spammer

Nov 5, 2014

My System is a Windows Server 2012 r2 with Plesk 12.

On this system i have installed MailEnable as my Mailserver.

So at the moment something is spam on this server, but i can't find out who is it.

Received: from win02.XXXXXX([MY IP] helo=WIN02.home)
(envelope-from <root@XXXXXXXX>)
id 1XlyHP-00038b-R0
for x; Wed, 05 Nov 2014 11:57:37 +0100

[Code].....

The header is meaning that the spams come from root@, but there is no account with the name root@...

On linux it is so easy to find the spam with qmail or postfix. Why mailenable it is so difficult

View 3 Replies View Related

Plesk 12.x / Windows :: Add Existing MailEnable Mailbox To Configuration

Mar 8, 2015

Plesk Windows 12, MailEnable mailserver

I added users directly to mailenable (using their migration utility to import from an old mail server which plesk does not support). The domains exist in plesk but not the individual email users/mailboxes.

Now I want to add those email users to plesk but it doesn't let (not surprisingly), when I try to add a user it returns an error: "Unable to update the mail account properties:mailmng failed: MEAOPO.Mailbox.AddMailbox failed"

My question is: How can I add the users that already exist in MailEnable to the plesk configuration? (i.e. ignore the error and add the user to the plesk database, or even better yet if plesk can read the configuration and add all users)

Tthe plesk kb articles suggest running mchk.exe but that is designed to take users from plesk and add them to mailenable, I need the reverse).

View 3 Replies View Related

Plesk 11.x / Windows :: Configure Mailing Lists With MailEnable?

Sep 19, 2012

Is there a way to configure the mailing lists created with Plesk (using MailEnable 6.5) using Plesk or another web interface like it is possible with mailman under Linux?

It is not very convenient to be required to do such stuff via RDP (and so manual by me for every customer)...

View 1 Replies View Related

Plesk Automation :: PPA 11.5 - MailEnable Disk Usage Calculation

Jan 19, 2014

I have been a Plesk Panel user for several years and I found PPA very interesting because of its great scalability.

It has been time consuming to figure it out how PPA handles several Plesk Panel aspects.

Does PPA has support for MailEnable disk usage calculation? If it does, where? and how often does it collect disk usage info from Mail Service Node??

View 3 Replies View Related

Plesk 11.x / Windows :: Can Update Mailenable Standard Edition

Sep 19, 2013

I use Windows Plesk v 11.5.30 with Mailenable Standard Edition 7.0 version. In mailenable site i saw a new version of Mailenable standard version (7.5.1). URL...Can i download and update Mailenable version of my Windows PLesk? If i made this change and have problem can i do downgrande later?

View 2 Replies View Related

Plesk 11.x / Windows :: Mailenable Postoffice Connector Stop Every Hour

Aug 2, 2013

A few months ago my Mailenable Postoffice Connector stop every hour. Sometimes more than one hour, sometimes less than hour.

I updated my Plesk to lasted version 11.5.30 but still has a problem,

When this happen the Email clients works without receive any message until i started the Mailenable Postoffice Connector again.

I'm loosing a lot clients because of this.

I use Microsoft Windows Server 2008 with all updates installed.

[URL]....

View 4 Replies View Related

Plesk 11.x / Windows :: Mailenable Webmail Access (multiple Webspaces)

Mar 20, 2014

I have 2 webspaces on my server, www.a.com and www.b.com

I initially setup www.a.com, everything works fine and I can access the emails for a.com through webmail.a.com

Then I setup www.b.com using almost identical DNS settings, except that each domain has its own dedicated IP

Now, the problem is I am not able access webmail.b.com, the error message is server not found, why is this?

It seems that I can only access the emails for b.com using webmail.a.com

I have mailenable version 8 standard installed...

View 2 Replies View Related

Joomla Security / Linux Security

Apr 4, 2008

I run a web hosting company and one of my servers is a LAMP server running CentOs 5. A user of mine has a Joomla installation running to manage his website and he has run into the following problem that I am puzzled by.

When Joomla adds a component or module to itself, or when a user uses the Joomla upload functionality, Joomla will add the new files under the user name "apache". This makes sense as it is the apache service running PHP that is actually creating the files.

However, when he FTP's into the account to modify these files, he doesn't have the appropriate permissions to do so as he doesn't have a root level login, just permissions on his home directory which is the site. Any help would be much appreciated.

Also, does anyone know how to change the owner/group of a directory and all of its sub directories in Linux without changing the actual permissions? I.e. some of the files in the folder have different permissions (0644 as apposed to 0755) than its parent but if I do a top down user/group change on the folder it will change everything in that folder to 0755.

View 10 Replies View Related

Web Security

Jul 16, 2009

I have regarding hosting/designing my application. Users of my website upload highly sensitive files to the server. I'll use SSL but will that be enough since the files are not encrypted on the server. I tried to encrypt the files but that is adding a huge overhead.

My first question is - is it a good idea to store the files on the server rather than a database? My other question is regarding hosting; I'm thinking of building my own server and host it in a colo. Is colo more secure than dedicated hosting? Currently i'm still in the process of developing my App and my environment is Windows Server 2008/SQL Server 2005.

View 13 Replies View Related

Mod Security

Feb 9, 2007

Is there any problems with having duplicate rules in different files as I have downloaded some rules and am going to make them all into one file to give me the best protection, but this is going to take time and I really need some sort of protection now

View 2 Replies View Related

Security

Aug 25, 2007

after install ConfigServer Firewall i get the following ...

ConfigServer Security & Firewall - csf v2.89 >>
PHP Check >>
Check php for register_globals >>
WARNING >> You should modify the PHP configuration (usually in /usr/local/lib/php.ini) and set:
register_globals = Off

unless it is absolutely necessary as it is seen as a significant security risk

must i modify it?or not? put in ur consideration i tried to download it to modify an error occured!

View 2 Replies View Related

How Much Security

Aug 24, 2007

I am on a shared server account with Lunar Pages basic hosting plan.

The only script file I have up running is db Masters FormM@iler. It runs on Cpanel. I deleted whatever other scripts I could find on my server. The site is just basic html pages with jpgs and a gif.

Is there much else I really need to do to secure the server or is that more in Lunar Pages' hands?

If there is still more I can do to secure the server, and is it a small amount that's easy to do or would it be wise to just hire someone else to put in a few hours making sure everything is truly set up securely?

View 5 Replies View Related

Security

Apr 23, 2007

I have a vps that has been exploited, and the hosting company is giving me advise on what to do to fix the security problems, but i need a good server administrator/company to help me with this. can anyone recommend a company that will go thru my server,

View 8 Replies View Related

On Becoming A Security

Mar 27, 2007

I'm inheriting a website that is currently a mess. It was designed in Joomla, but everything about the site by the original designer, is completely a mess. Files weren't placed in their proper directory hiearchy, the site has been hacked into a few times...basically a big headache.

I'm willing to learn and my first goal is the redesign the site. Currently, I'm looking at choosing a CMS or just rebuilding it in Joomla. The problem is that the site is a big part of the business, so any down time is not good.

I have some questions I hope you experienced folks can help me with...

Does CMS choice have any bearing on whether or not its a security vulnerability? If so, which one's are "less a target" of getting hit?

I just want to design the site from scratch and make it secure as possible from suggestions on various forums. I don't want to be a security admin, but is that what I'll end up having to do to run a site like this?

What are my options between "doing it myself" vs "hiring a third party"?

The company is right now in a tween stage. Fast growth but not enough to hire a security guy, based on my talks with the CEO. I disagree with this, but what can I do in the meantime to plug the site holes?

I'm almost wanting to go commercial so I don't have all the headaches, but the company wants to save money. What can be done in those situations?

Before I go out and spend money on books, what do you recommend I buy to start getting my feet wet in what may become a future in IT security?

This is from someone who's just inherited a dedicated server with a swiss cheese website. What is the first order of business for someone who is in the dark and will not get much support in regards to spending more money?

how do I secure my site "on my own"?

View 5 Replies View Related

Php Security

Feb 26, 2007

I noticed that my vps had utilized 250 gig of traffic in one day [i average 5 gig per MONTH] with cpu usage of close 100%; my hosting company pinpointed one php file which had allowed an outside varibale to be placed in "include" function so that the outside php code was being run;

Is there any program/scripts that can immediately email me if cpu usage stays high
the nic card is being utilized too much memory usage exceed certain levles this way, i would know i have been hijacked in time and try to find the culprit i use knownhost with cpanel/linux mysql and php.

View 5 Replies View Related

Security

Jul 21, 2007

i have an unix server [don't know what version i think it's FreeBSD ]

[url]

and i use WS_FTP to upload the files to my server.. but i have a big problem all my files are encrypted with some problems but when people use getrigh browser or some kind off program to acess my server instead of a normal browser it appears the list of files i have upload and they can download them and when i set password for images etc it's all safe, but people can't acess parts of the site without password... i want to know if there's some way of protect my file without interfering with the normal browser acess.

View 9 Replies View Related

Security

Jul 24, 2007

when we run server with shared hosting. we mostly facing issue os security like c9shell scripts.. as well as ppl hacked database or changed index.html. we do enable php open base dir as well as mo security firewall we do search which user is using find command who is uploading file... but is there any other way to secure server for such hacking issue..

View 5 Replies View Related

Security

Mar 26, 2007

I have run rkhunter and got message saying that /bin/dmesg [BAD]

# rpm -qf /bin/dmesg
util-linux-2.12a-16.EL4.20
# rpm -V util-linux-2.12a-16.EL4.20
.M...... /usr/bin/chsh

It looks like RPM damaged? How can I confirm it?

View 2 Replies View Related

Security

Jul 10, 2007

When securing a vps system, do things like Enable Shell Fork Bomb/Memory Protection use much memory or any other secuirty measure?

View 3 Replies View Related

Security

Oct 31, 2007

We have a e-commerce web site that has the latest shopping cart software ( that is known to be secure) ssl cert, etc.

We got a call today from a guy who says that he used his brand new card on our web site and that the card was stolen and used on anothoer site within hours. We have checked every file on the web site, logging into serevr root and checking everything and cant find any evidence of a hack or security breach of any kind.

can someone recommend a reliable company that can go in and check things out for us to see if they can find anny security issues, or evidence of a breach? There must be a company out there that does this sort of thing

View 4 Replies View Related

Web Hosting Security

Apr 8, 2008

I am conducting some research into potential risks that web hosts have to deal with on a daily basis. What potential security risks are there for web hosts ? And how do they overcome these issues?

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved