1
Jabber just retrieved all email addresses from domain, including internal only confidential email addresses
Question asked by Curtis Kropar www.HawaiianHope.org - 7/12/2015 at 11:35 AM
Unanswered
Hi
I am looking thought smarter mail logs trying to resolve a different problem, and got the the bottom and saw XMPP. Clicked on it and was shocked at seeing some instant messaging thing called Jabber send a request and pull out ALL of the email accounts, EVERY ACCOUNT, on a domain, including accounts we use for internal only and confidential data.
What the hell is that ?
It even returned the "_primaryadmin_" account to it as well.
 
Some of the shelters we work with also work with domestic violence issues. There are some accounts that are not to be used in the outside world at all whatsoever, and here now Jabber has them all ?
I am NOT OK with this activity of it returning every email address on a domain.
 
Is this a problem with smarter mail ?  At this point i am considering this to be a hack. Is Jabber integrated into Smartermail for something ?  I am about to block it
 

www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !

4 Replies

Reply to Thread
1
Grady Werner Replied
Employee Post
Curtis,
 
Nope, it's not a hack.  What you're seeing is an Instant Messaging client connecting to XMPP for your server.  This feature is something that can be enabled or disabled on a system, domain, or even user level basis. 
 
The list is going out because one of your domain users logged into an IM client and it's downloading the list of users that the user should see in the contact list.  Users that do not have XMPP enabled will not show up in the user list, nor will aliases with that feature disabled. 
 
If nobody uses it, go ahead and disable XMPP domain wide (in the features tab) or just remove the XMPP port from the ports section.
 
Some helpful links that give more detail:
 
http://portal.smartertools.com/kb/a2698/enable-smartermails-chat-feature.aspx
 
http://help.smartertools.com/SmarterMail/v14/Topics/SystemAdmin/Settings/Bindings/Ports.aspx
 
http://help.smartertools.com/SmarterMail/v14/Topics/SystemAdmin/Manage/AddDomain.aspx
 
Hope this helps.
Grady Werner SmarterTools Inc. www.smartertools.com
0
Thanks for your rapid reply.
 
In Your first link, section 2 "Enabling Chat for an User"
"5. Click the Service Access tab. "
"6. Select the Enable XMPP access checkbox."
 
There is no "Service Access" tab.
 
I don't want to necessarily kill off instant messaging for everyone, as in smarter mail chat.
I am looking at the user account now, and there are no "contacts" in the user account.  It is pulling the list from the "global address list" as a "Shared Resource: Read-Only"
 
I would want them the ability to chat internally, But i do NOT want some 3rd party app pulling every account like that. That should be opt in only.
 
www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !
0
Matt Petty Replied
Employee Post
These clients are connecting internally they have to be authenticated to connect to your server. This information is not just thrown out there. These clients do exactly what SmarterMail chat does, with the only difference of not being the browser but running as a program.
Matt Petty Software Developer SmarterTools Inc. (877) 357-6278 www.smartertools.com
1
Bruce Barnes Replied
Jabber clients can also be configured to use TLS encryption over port 5222.
 
Here are the PORT MAPPINGS we use for CHICAGONETTECH, and they include TLS on port 5222:
 
 
NOTES:
  1. Port 5223 was an "experimental" TLS encryption port for JABBER clients and is included only for backward compatibility.  The, now standardized, TLS port for JABBER is port 5222
     
  2. It is not necessary to configure and use port 5269 for your purposes.
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting

Reply to Thread