Sv: Better not post your email password on a public mailing list, was: Re: no full syncs after upgra
Sebastian Nielsen
sebastian at sebbe.eu
Wed Apr 27 21:21:32 UTC 2022
Even more stupid that the IMAP port is available to the public. Should have been firewalled to authorized IPs only, then it wouldn't have mattered that the password have leaked.
-----Ursprungligt meddelande-----
Från: dovecot-bounces at dovecot.org <dovecot-bounces at dovecot.org> För Daniel Lange
Skickat: den 27 april 2022 14:59
Till: Paul Kudla (SCOM.CA Internet Services Inc.) <paul at scom.ca>
Kopia: dovecot at dovecot.org
Ämne: Better not post your email password on a public mailing list, was: Re: no full syncs after upgrading
Am 26.04.22 um 11:36 schrieb Paul Kudla (SCOM.CA Internet Services Inc.):
> #imapc_host = mail.scom.ca
> #imapc_password = Pk554669
> #imapc_user = paul at scom.ca
I suggest to change that password immediately.
$ openssl s_client -crlf -connect mail.scom.ca:993
CONNECTED(00000003)
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] SCOM.CA Internet Services Inc. - Dovecot ready A login paul at scom.ca Pk554669 A OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY PREVIEW STATUS=SIZE SAVEDATE LITERAL+ NOTIFY SPECIAL-USE] Logged in A status INBOX (messages)
* STATUS INBOX (MESSAGES 344)
A OK Status completed (0.002 + 0.000 + 0.001 secs).
^C
Kind regards,
Daniel
More information about the dovecot
mailing list