| User being hacked - even after changing the password several times [message #130615] |
Wed, 29 June 2016 09:45  |
Computerdoc
Messages: 2
Registered: June 2011
|
|
|
|
Hi there,
i`m running Kerio Connect 9.0.4 patch 1 (1154) Mac OS X (10.11.2). One of my users seemed to be hacked. Lots of messages were sent through this account to all kinds of unknown receipients.
I disabled the account, checked all the clients which used that account for viruses (1 x Mac and 1 x Android smartphone), changed the password - using a secure one - and enabled the account again.
But still there are lots of outgoing messages through this account which i did not send and cannot explain. What else can i do? I checked my Kerio sercurity settings. But they seem to be correct.
Greets
T.
|
|
|
|
| Re: User being hacked - even after changing the password several times [message #130623 is a reply to message #130615] |
Wed, 29 June 2016 17:11  |
j.a.duke
Messages: 239
Registered: October 2006
|
|
|
|
Computerdoc wrote on Wed, 29 June 2016 03:45Hi there,
i`m running Kerio Connect 9.0.4 patch 1 (1154) Mac OS X (10.11.2). One of my users seemed to be hacked. Lots of messages were sent through this account to all kinds of unknown receipients.
I disabled the account, checked all the clients which used that account for viruses (1 x Mac and 1 x Android smartphone), changed the password - using a secure one - and enabled the account again.
But still there are lots of outgoing messages through this account which i did not send and cannot explain. What else can i do? I checked my Kerio sercurity settings. But they seem to be correct.
Greets
T.
Are you sure they are being sent through your server?
If so, you should see them in the Mail log. If they don't exist there, then they are being sent from another server using the address of your user (spoofing).
Implementing DKIM is one way of trying to reduce the likelihood of spoofing an address.
Cheers,
Jon
|
|
|
|
|
|
Members
Search
Help
Register
Login
Home
