Changing password doesn't force re-auth?
Problem reported by Peter Konshak - May 25 at 9:46 AM
Submitted
We had an account compromised by a spammer who had the account password.  Changing the password doesn't seem to force a re-auth, they were still able to send mail.  We had to kill the active connection, or failing that, I guess reboot the server.  Is this the way this is supposed to work?

3 Replies

Reply to Thread
0
JerseyConnect Team Replied
Yeah I've noticed this too on v15. Maybe it's different in v16 or will be in v17. We typically just disable compromised accounts to kill the active session, then reset the password and clean up the spool before re-enabling.
0
Ujjaval Patel Replied
Instead of rebooting the server, I restarted the SM service when this happens.
0
Peter Konshak Replied
Restarting the SM service works, but you do have to have access to the machine to do that. If you are out of town, no remote access, and trying to fix this remotely via the web-based admin, it may not be an option.

Reply to Thread