Back to Community Threads
4
SM 15.x security?
Question asked by Billy Huddleston - 7/7/2016 at 7:31 PM
Answered
Just upgraded from 13.x to 15.x over the 4th.  I just had 2 of my clients email accounts get hacked and spammers send spam from them.  Using the new password reset system. I generated temporary passwords for both accounts. (Different domains)  and promptly nuked all mail in the queue from the users.  I was just alerted to more spamming from the SAME accounts.  My clients haven't even logged in to change the passwords yet.. So how the heck did they log back in?

6 Replies

Reply to Thread
0
Michael Replied
7/7/2016 at 7:34 PM
Would love to hear what happened here and how it gets resolved.
0
Billy Huddleston Replied
7/7/2016 at 9:36 PM
I'm wondering if the original password stays in effect regardless of the temp password. ??
0
Matt Petty Replied
7/8/2016 at 8:33 AM
Employee Post
Yes a temporary password sits alongside the main password.
Matt Petty Software Developer SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Matt Petty Replied
7/8/2016 at 8:34 AM
Employee Post Marked As Answer
The temporary password acts as a secondary means of logging in. You should set the main password to something secure and alert the customer of the new password.
Matt Petty Software Developer SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Kelly Anderson Replied
7/10/2016 at 9:44 AM
- EAS support mailboxes to 50 GB
- EXPERT ADVISORS AS THEY ARE COMMONLY REFERRED TO support for Outlook 2010
- Global Address List have all addresses including E-mail lists
- Allow email archiving on an user basis rather than website basis
- Proactively combine MAPI over HTTP so we have full support for Outlook 2016 clients
- Support for Get in touch with Groups in Outlook (ofcourse not the webmail - that is for private users)
- Ability to limit number of connections for an user
Top 10 paying ptc sites Buy crackers online ahmedabad Clash Royale Small Army power
0
Billy Huddleston Replied
7/11/2016 at 1:07 PM
@Kelly, Uhh.. WHAT??
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Manually Securing SmarterMail Using Let's Encrypt and Certify the WebSmarterMail > Installation and Configuration
Configure SSL/TLS to Secure SmarterMailSmarterMail > Server Configuration and Management
Configure SmarterMail as a Free Gateway ServerSmarterMail > Server Configuration and Management
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Configure Perfmon to capture Disk IO activity and potential Disk Issues.SmarterMail > Troubleshooting