Jabber just retrieved all email addresses from domain, including internal only confidential email addresses
Question asked by Curtis Kropar www.HawaiianHope.org - July 12, 2015 at 11:35 AM
Unanswered
Hi
I am looking thought smarter mail logs trying to resolve a different problem, and got the the bottom and saw XMPP. Clicked on it and was shocked at seeing some instant messaging thing called Jabber send a request and pull out ALL of the email accounts, EVERY ACCOUNT, on a domain, including accounts we use for internal only and confidential data.
What the hell is that ?
It even returned the "_primaryadmin_" account to it as well.
 
Some of the shelters we work with also work with domestic violence issues. There are some accounts that are not to be used in the outside world at all whatsoever, and here now Jabber has them all ?
I am NOT OK with this activity of it returning every email address on a domain.
 
Is this a problem with smarter mail ?  At this point i am considering this to be a hack. Is Jabber integrated into Smartermail for something ?  I am about to block it
 

www.HawaiianHope.org - Providing technology services to non profit organizations, homeless shelters, clean and sober houses and prisoner reentry programs. in 2018, in just one year, we gave away 1,000 Free Computers !

4 Replies

Reply to Thread
1
Grady Werner Replied
Employee Post
Curtis,
 
Nope, it's not a hack.  What you're seeing is an Instant Messaging client connecting to XMPP for your server.  This feature is something that can be enabled or disabled on a system, domain, or even user level basis. 
 
The list is going out because one of your domain users logged into an IM client and it's downloading the list of users that the user should see in the contact list.  Users that do not have XMPP enabled will not show up in the user list, nor will aliases with that feature disabled. 
 
If nobody uses it, go ahead and disable XMPP domain wide (in the features tab) or just remove the XMPP port from the ports section.
 
Some helpful links that give more detail:
 
 
 
 
Hope this helps.
Grady Werner
Development Manager
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Thanks for your rapid reply.
 
In Your first link, section 2 "Enabling Chat for an User"
"5. Click the Service Access tab. "
"6. Select the Enable XMPP access checkbox."
 
There is no "Service Access" tab.
 
I don't want to necessarily kill off instant messaging for everyone, as in smarter mail chat.
I am looking at the user account now, and there are no "contacts" in the user account.  It is pulling the list from the "global address list" as a "Shared Resource: Read-Only"
 
I would want them the ability to chat internally, But i do NOT want some 3rd party app pulling every account like that. That should be opt in only.
 

www.HawaiianHope.org - Providing technology services to non profit organizations, homeless shelters, clean and sober houses and prisoner reentry programs. in 2018, in just one year, we gave away 1,000 Free Computers !

0
Matt Petty Replied
Employee Post
These clients are connecting internally they have to be authenticated to connect to your server. This information is not just thrown out there. These clients do exactly what SmarterMail chat does, with the only difference of not being the browser but running as a program.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
1
Bruce Barnes Replied
Jabber clients can also be configured to use TLS encryption over port 5222.
 
Here are the PORT MAPPINGS we use for CHICAGONETTECH, and they include TLS on port 5222:
 
 
NOTES:
  1. Port 5223 was an "experimental" TLS encryption port for JABBER clients and is included only for backward compatibility.  The, now standardized, TLS port for JABBER is port 5222
     
  2. It is not necessary to configure and use port 5269 for your purposes.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting

Reply to Thread