Arjen de Korte <arjen+ho...@de-korte.org> escribió:
Citeren mic...@casa.co.cu:
Thanks for respond my email , tomorrow i will send a email to all
my users in the system for change his passwords for precautions ,
but until yesterday the hacker use in the line "from" emails
address that ever exist in my active directory.
I have spf in my dns.
That may only help against others illegally using *your* domain on
*their* MTA, not against people illegally using *your* MTA with *their*
domain.
So how can email be sent through Horde webmail when the email address
doesn't exist?
Only relay mail when the sender is SASL authenticated to Postfix
*and* is allowed to use the sender address. This drastically limits
what people can do when a user account is compromised, and it will also
quickly tell you which account it is if that ever happens.
how make this , if no possible that horde have a possible security
breach, a bug?
This isn't a Horde security problem and/or bug. You should harden
your MTA to prevent this.
Best regards, Arjen
Tomorrow I will work on implementing SASL authentication in my MTA.
This is my IMP config; I don't see where I can lock the from_address:
// IMP (Horde webmail client) settings as pasted by the poster.
// None of the keys shown in this listing controls which From: address a
// user may send with.
// NOTE(review): in Horde the From: address is an identity preference
// (from_addr), presumably locked in the preferences configuration rather
// than in this file - confirm for this version. Either way the MTA is the
// place to enforce it, since a preference lock only constrains the webmail UI.
$conf['spell']['params']['path'] = '/usr/bin/aspell';
$conf['spell']['driver'] = 'aspell';
$conf['utils']['gnupg_keyserver'] = array('pgp.mit.edu');
$conf['utils']['gnupg_timeout'] = 10;
$conf['utils']['openssl_cafile'] = '/somewhere/ca-bundle.crt';
$conf['utils']['openssl_binary'] = '/usr/bin/openssl';
$conf['menu']['apps'] = array('horde');
$conf['user']['select_sentmail_folder'] = false;
$conf['user']['allow_resume_all_in_drafts'] = true;
$conf['user']['allow_folders'] = true;
$conf['user']['allow_resume_all'] = false;
$conf['user']['allow_view_source'] = true;
$conf['user']['alternate_login'] = false;
$conf['user']['redirect_on_logout'] = false;
$conf['user']['select_view'] = true;
$conf['server']['server_list'] = 'shown';
$conf['server']['fixed_folders'] = array();
$conf['server']['sort_limit'] = 0;
$conf['server']['cache_folders'] = true;
$conf['server']['token_lifetime'] = 1800;
$conf['server']['cachejs'] = 'none';
$conf['server']['cachecss'] = 'none';
$conf['mailbox']['show_preview'] = false;
$conf['fetchmail']['show_account_colors'] = false;
$conf['fetchmail']['size_limit'] = 4000000;
$conf['msgcache']['use_msgcache'] = false;
$conf['mlistcache']['use_mlistcache'] = false;
$conf['msgsettings']['filtering']['words'] = './config/filter.txt';
$conf['msgsettings']['filtering']['replacement'] = '****';
$conf['spam']['reporting'] = false;
$conf['notspam']['reporting'] = false;
$conf['print']['add_printedby'] = false;
$conf['msg']['prepend_header'] = true;
$conf['msg']['append_trailer'] = true;
$conf['compose']['allow_receipts'] = true;
$conf['compose']['special_characters'] = true;
$conf['compose']['use_vfs'] = false;
$conf['compose']['link_all_attachments'] = false;
$conf['compose']['link_attachments_notify'] = true;
$conf['compose']['link_attachments'] = true;
$conf['compose']['attach_size_limit'] = 2524000;
$conf['compose']['attach_count_limit'] = 0;
$conf['compose']['reply_limit'] = 2000000;
// Every IMP hook is switched off, so no site-specific code runs at login,
// send time or display time.
$conf['hooks']['vinfo'] = false;
$conf['hooks']['postlogin'] = false;
$conf['hooks']['postsent'] = false;
$conf['hooks']['signature'] = false;
$conf['hooks']['trailer'] = false;
$conf['hooks']['fetchmail_filter'] = false;
$conf['hooks']['mbox_redirect'] = false;
$conf['hooks']['mbox_icon'] = false;
$conf['hooks']['spam_bounce'] = false;
$conf['hooks']['msglist_format'] = false;
$conf['hooks']['display_folder'] = false;
$conf['maillog']['use_maillog'] = true;
// Sent-mail tracking uses the SQL driver and the imp_sentmail table.
// NOTE(review): presumably this records which webmail user sent each
// message; if so it is the first place to look for the account behind the
// unwanted mail - confirm the table is actually being populated.
// NOTE(review): units of threshold / limit_period are not visible here.
$conf['sentmail']['params']['threshold'] = 60;
$conf['sentmail']['params']['limit_period'] = 24;
$conf['sentmail']['params']['table'] = 'imp_sentmail';
$conf['sentmail']['params']['driverconfig'] = 'horde';
$conf['sentmail']['driver'] = 'sql';
$conf['tasklist']['use_tasklist'] = true;
$conf['notepad']['use_notepad'] = true;
and the horde config.
// Horde base settings as pasted by the poster.
$conf['vhosts'] = false;
// E_ALL turns on reporting for every PHP error class.
// NOTE(review): on a production webmail host, confirm errors are written to
// a log and not rendered to the browser.
$conf['debug_level'] = E_ALL;
$conf['max_exec_time'] = 300;
$conf['compress_pages'] = true;
// NOTE(review): this secret was posted to a public list unmasked, while the
// SQL password further down was starred out. Treat the value as disclosed
// and generate a new one.
$conf['secret_key'] = '5cee22ed2d84cc4b803c11e8353d718def4b37b6';
$conf['umask'] = 077;
$conf['use_ssl'] = 2;
// Server name, port and cookie domain are taken from the request environment.
// NOTE(review): SERVER_NAME can follow the client-supplied Host header
// depending on web server configuration - confirm it is pinned there.
$conf['server']['name'] = $_SERVER['SERVER_NAME'];
$conf['server']['port'] = $_SERVER['SERVER_PORT'];
$conf['urls']['token_lifetime'] = 30;
$conf['urls']['hmac_lifetime'] = 30;
$conf['urls']['pretty'] = false;
// NOTE(review): both entries look like network addresses rather than single
// hosts; confirm how Horde matches them and what a "safe" IP is exempted from.
$conf['safe_ips'] = array('192.168.0.0', '10.71.53.0');
$conf['session']['name'] = 'Horde';
$conf['session']['use_only_cookies'] = true;
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 3200;
$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
$conf['cookie']['path'] = '/';
// Database connection: MySQL on localhost over TCP, no TLS to the database.
$conf['sql']['persistent'] = false;
$conf['sql']['username'] = 'hordesql';
// Masked by the poster before sending.
$conf['sql']['password'] = '**********';
$conf['sql']['hostspec'] = 'localhost';
$conf['sql']['port'] = 3306;
$conf['sql']['protocol'] = 'tcp';
$conf['sql']['database'] = 'hordedb';
$conf['sql']['charset'] = 'utf-8';
$conf['sql']['ssl'] = false;
$conf['sql']['splitread'] = false;
$conf['sql']['phptype'] = 'mysql';
// Authentication is delegated to the IMP application (driver 'application',
// app 'imp'); 'michel' is the only administrator listed.
$conf['auth']['admins'] = array('michel');
// NOTE(review): presumably checkip = false means a session is not tied to
// the client address, so a stolen session cookie stays usable from another
// host - confirm, and weigh against users behind changing addresses.
$conf['auth']['checkip'] = false;
$conf['auth']['checkbrowser'] = true;
$conf['auth']['alternate_login'] = false;
$conf['auth']['redirect_on_logout'] = false;
$conf['auth']['params']['app'] = 'imp';
$conf['auth']['driver'] = 'application';
$conf['signup']['allow'] = false;
// Debug-priority logging, sent to syslog with ident HORDE.
// NOTE(review): useful while investigating the abuse; check what ends up in
// the log and who can read it before leaving debug level on permanently.
$conf['log']['priority'] = PEAR_LOG_DEBUG;
$conf['log']['ident'] = 'HORDE';
$conf['log']['params'] = array();
$conf['log']['name'] = '/var/log/horde.log';
$conf['log']['type'] = 'syslog';
$conf['log']['enabled'] = true;
$conf['log_accesskeys'] = true;
$conf['prefs']['params']['driverconfig'] = 'horde';
$conf['prefs']['driver'] = 'sql';
$conf['alarms']['params']['driverconfig'] = 'horde';
$conf['alarms']['params']['ttl'] = 300;
$conf['alarms']['driver'] = 'sql';
$conf['datatree']['params']['driverconfig'] = 'horde';
$conf['datatree']['driver'] = 'sql';
$conf['group']['driver'] = 'datatree';
$conf['group']['cache'] = false;
$conf['perms']['driverconfig'] = 'horde';
$conf['perms']['driver'] = 'sql';
$conf['share']['no_sharing'] = false;
$conf['share']['any_group'] = false;
$conf['share']['cache'] = false;
$conf['share']['driver'] = 'sql';
$conf['cache']['default_lifetime'] = 1800;
// NOTE(review): the cache driver is 'memcache' here, but
// $conf['memcache']['enabled'] is false at the end of this listing - confirm
// which one is in effect.
$conf['cache']['driver'] = 'memcache';
$conf['lock']['params']['driverconfig'] = 'horde';
$conf['lock']['driver'] = 'sql';
$conf['token']['driver'] = 'none';
// Outgoing mail goes to webmail.home.com on port 25 over SMTP with
// auth = false, i.e. Horde does not authenticate to the MTA.
// NOTE(review): with this setup the MTA presumably relays for the webmail
// host by address alone and cannot tell which user submitted a message.
// The reply in this thread recommends relaying only for SASL-authenticated
// senders that are allowed to use the sender address; this block is the
// Horde side of that change.
$conf['mailer']['params']['host'] = 'webmail.home.com';
$conf['mailer']['params']['port'] = 25;
$conf['mailer']['params']['localhost'] = 'server.home.com';
$conf['mailer']['params']['auth'] = false;
$conf['mailer']['type'] = 'smtp';
$conf['mailformat']['brokenrfc2231'] = false;
// File-based VFS rooted at /tmp.
// NOTE(review): /tmp is typically shared and world-writable; a dedicated
// directory owned by the web server user is the safer choice.
$conf['vfs']['params']['vfsroot'] = '/tmp';
$conf['vfs']['type'] = 'file';
$conf['sessionhandler']['type'] = 'none';
$conf['sessionhandler']['memcache'] = false;
$conf['problems']['email'] = 'supp...@home.com';
$conf['problems']['maildomain'] = 'home.com';
$conf['problems']['tickets'] = false;
$conf['problems']['attachments'] = true;
$conf['menu']['apps'] = array();
$conf['menu']['always'] = false;
$conf['menu']['links']['help'] = 'all';
$conf['menu']['links']['options'] = 'authenticated';
$conf['menu']['links']['problem'] = 'all';
$conf['menu']['links']['login'] = 'all';
$conf['menu']['links']['logout'] = 'authenticated';
// All Horde-level hooks are off, including the authentication hooks.
$conf['hooks']['permsdenied'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['preauthenticate'] = false;
$conf['hooks']['postauthenticate'] = false;
$conf['hooks']['authldap'] = false;
$conf['hooks']['groupldap'] = false;
$conf['portal']['fixed_blocks'] = array();
$conf['accounts']['driver'] = 'null';
// NOTE(review): presumably controls whether a new From: address in a user's
// identity has to be confirmed before it can be used; with it off a user can
// set any From: address in the webmail - confirm against this Horde version.
$conf['user']['verify_from_addr'] = false;
$conf['imsp']['enabled'] = false;
$conf['kolab']['enabled'] = false;
$conf['memcache']['enabled'] = false;
maybe there is something wrong in my config
----------------------------------------------
Webmail, servicio de correo electronico
Casa de las Americas - La Habana, Cuba.