Back to Community Threads
Unable to login to SmarterMail
Problem reported by Mark Milton - 2/3/2026 at 2:49 AM
Submitted
M
Something has happened over night and I can no longer login to the webmail as a user or admin

If I try login as a Admin I get
That domain was not found. Double check your email address.

As a user
There was an error logging into this account. Please contact your domain or system administrator.

Any ideas how I can fix this ASAP?
J
Jack. Replied
2/3/2026 at 2:54 AM
M
Mark Milton Replied
2/3/2026 at 3:07 AM
Thanks

Will reset the Admin password now

I guess doing the upgrade route will remove all files they have uploaded to the MRS folder
M
Mark Milton Replied
2/3/2026 at 3:12 AM
Stopped the SM Service to do the password reset and now the service won't start

Windows could not start the SmarterMail Server service on Local Computer.
Error 1053: The service did not repond to the start or control request in a timely fashion.
Howell Dell Replied
2/3/2026 at 3:22 AM
I am afraid to have to inform you that SmarterMail had several CVEs that were just announced in the last few weeks that would allow many "older" versions of SmarterMail to be taken over by bad actors. This sounds like this is what happened to you. 

Not sure what build version is nor more about your config or your situation with the license, however, its more than likely that is your issue. Any version of SM prior to Build 9526 (Jan 30, 2026) is now compromised. You need to upgrade to the version above ASSP. 

If the future do NOT use Admin or Administrator usernames as your login, also have 2FA on and Restrict IP if possible.

But since the CVEs allow for file auth bypass upload and admin auth bypass its an serious issue. It is also more than likely your server has been loaded with various kinds of backdoors aka RATs (Remote Access Tools) and other malware.

Everything I Host is via a VM so I built a new VM from scratch and only migrated the data in less than 24 hours. I did see that some RATs were installed on my server. I caught this very quickly so the damage seems to have been minimal on my end.

If you are on a newer version of SmarterMail that uses JSON files for config then you can follow these notes to regain access--https://portal.smartertools.com/kb/a2739/reset-administrator-username-and-password.aspx. If you are on an older version then I'm not exactly sure.

I wrote and PowerShell script to scan all users to report when was the last password change so I could see how much trouble I was in. If you go back a few posts you can learn more about this. You can ask Co-Pilot to help you with Powershell.

Good luck to you....
M
Mark Milton Replied
2/3/2026 at 3:25 AM
So the only way to get access again is by building a new VM and move the domains over?

I did try to admin password reset by editing the json file but I can't get the service to restart

I have 2 SM servers so far only one has been hut. The other is running a really old version 16

Be happy to pay someone to fix this
Howell Dell Replied
2/3/2026 at 3:29 AM
 
Mark Milton: I guess doing the upgrade route will remove all files they have uploaded to the MRS folder...
The bad actors have escaped the MRS folder and files can be any place. The latest version of SM has its own Web Server built in so the MRS folder is only a proxy now.

What build are you on? A .Net Core Edition?

The bad actors likely have installed other software like they did on mine. You are going to have to do a deep clean of the server. If you are on a VM my recommendation it to build a refresh install then follow the SM migration process to a new Server.

For newer versions of SM sometime you often have to manually stop the mailservice.exe that is hanging around. I normally go into task manager and stop that process so I can restart SmarterMail Service.
Howell Dell Replied
2/3/2026 at 3:39 AM
If you are on a newer version of SmarterMail then migration is fairly straight forward... Check out https://portal.smartertools.com/kb/a2724/migrate-smartermail-to-a-different-server.aspx. You only need the C:\Program Files*\SmarterTools\SmarterMail\Service\Settings and the SmarterMail Folder with Domains, Spool and so on... Often in C:\SmarterMail but I place mine on a D: drive.

I just went thru this twice in a matter of months as my backup software (unrelated to this issue) failed for some strange reason that I could not figure. Build a new VM I did!
J
J. LaDow Replied
2/3/2026 at 7:46 AM
The server you cannot login to or do not have control of should be immediately disconnected from the public internet. It has been fully compromised. If your anti-virus/EDR is not seeing the .ASPX files dropped in your SmarterMail folders as malicious, then there is something wrong with it because they are almost guaranteed to be malicious. Upload any one of them to VirusTotal for verification. In addition, the very first set of vulnerabilities that allowed the file uploads also contained a path-escape - which means there can be files ANYWHERE on the server's filesystem - not just inside the SmarterMail folders. 

Later vulnerabilities allowed full administrator account takeover - this enabled all kinds of nefarious things - from hijacking the Windows Server startup process and more. If your service won't restart - that means you are most likely already in the data-exfiltration and ransom encryption phase. 

Attacks on SmarterMail servers started at the very tail end of 2025 -- so you will need to go that far back for backups that don't have corruption in the file system and piece things together from there most likely.

My company offers managed servers and managed hosting including SmarterMail - if your maintenance and support agreements are up to date then we could possibly assist in rebuilding the configurations. 

DMs are open - but there are bugs in the forums that when DMs are sent to a user, you need to go back into the conversation and "UNBLOCK" the people in the conversation or they will not be able to reply.
MailEnable survivor / convert --
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
500 Error After Upgrading to the Latest BuildSmarterMail > Troubleshooting
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Migrating SmarterMail to LinuxSmarterMail > Server Configuration and Management
Customizing SmarterMail's Webmail InterfaceSmarterMail > Installation and Configuration
Key Feature and Version Milestones in SmarterMailSmarterMail