[RCU] Unknown user in users table, very odd, possible security hole

Jorge Bastos mysql.jorge at decimal.pt
Thu Feb 8 21:34:34 CET 2018


Oh,

 

Not in there but you made me remind about:

 

// Log successful/failed logins to <log_dir>/userlogins or to syslog

$config['log_logins'] = true;

 

Just enabled it, let's see.

 

The 2nd part of this, is that I have users that have sieve rules with a
redirect to strange emails, emails that are completely unknown to the
account owner, there's a hole somewere. and need to find it.

 

From: users-bounces at lists.roundcube.net
[mailto:users-bounces at lists.roundcube.net] On Behalf Of Hannu Hirvonen
Sent: quinta-feira, 8 de Fevereiro de 2018 20:19
To: users at lists.roundcube.net
Subject: Re: [RCU] Unknown user in users table, very odd, possible security
hole

 

On 08.02.2018 22:06, Jorge Bastos wrote:

That's what i would like to do, but where would i find that information?

In the users table isn't there, or I'm not searching in the correct place.

Something like /var/log/roundcubemail/userlogins perhaps?

-- 
  Hannu Hirvonen (hh at uwasa.fi, http://www.uwasa.fi/~hh/)
  Computer Centre, University of Vaasa, BOX 700, FI-65101 VAASA, Finland
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.roundcube.net/pipermail/users/attachments/20180208/46d4c4a1/attachment.html>


More information about the users mailing list