Mercury mail hacked?

Problems with the Windows version of XAMPP, questions, comments, and anything related.

Mercury mail hacked?

Postby Ishutaru » 15. March 2017 11:44

Hi guys, I have an issue. I configured my Mercury mail and it was working fine for a month. Today I logged in to my admin account and saw a ton of Mail delivery errors "Postmaster Notify: Delivery Failure." I had no idea what happened so I logged on to my server to check it out. The server was just spamming some crap back and forth starting minutes after the midnight.. There was 350k messages about some Mustafa .. anyway I googled that its a random scam.. But my question is HOW DID THIS HAPPEN? Any way to get rid of it? Currently my mercury mail server is down until I do something.
Image

Also the log file was 25mb and it contains thousands of "rcpt TO:" enteries from an IP address that made 20 connections at the same time???
Ishutaru
 
Posts: 7
Joined: 04. December 2016 21:44
XAMPP version: 5.6.28
Operating System: Windows 7 Professional

Re: Mercury mail hacked?

Postby Nobbie » 15. March 2017 16:08

Ishutaru wrote:HOW DID THIS HAPPEN? Any way to get rid of it?


Not secured good enoug, to weak passwords or similar. Everything depends on your configuration (which we dont know). Mercury does not come with a proper setup, its all your config. How can WE know, what happened to your Server??
Nobbie
 
Posts: 13170
Joined: 09. March 2008 13:04

Maybe not hacked :/ Hmmm...

Postby Ishutaru » 15. March 2017 16:35

I looked into the issue, analysed the log and it might be email spoofing that i'm reading about right now, as I only get delivery failure emails and there is nothing in my Sent mail. My password has caps and numbers. Any way to prevent this so called email spoofing?
Ishutaru
 
Posts: 7
Joined: 04. December 2016 21:44
XAMPP version: 5.6.28
Operating System: Windows 7 Professional

Re: Mercury mail hacked?

Postby Altrea » 15. March 2017 16:38

Don't use XAMPP in live or public accessible environments.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11926
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 11 Pro x64

Re: Mercury mail hacked?

Postby Ishutaru » 15. March 2017 20:44

Altrea wrote:Don't use XAMPP in live or public accessible environments.

This advice almost gave me cancer :D I'm an IT tech.(

But anyway I figured out that my mailbox wasn't hacked in any way .. it's just someone is using my email as "From:" to send automated spam and whenever it is sent to a non existing email I receive the "Delivery Failed" email with the contents of that email. The only possible workaround I found is to change users login name... from admin@domain.com to somethingelse@domain.com

Is it even possible to configure mercury mail to automatically stop, delete or refuse the "Delivery error" messages being returned? I understand there isn't much I can do :(
Ishutaru
 
Posts: 7
Joined: 04. December 2016 21:44
XAMPP version: 5.6.28
Operating System: Windows 7 Professional

Re: Mercury mail hacked?

Postby Nobbie » 15. March 2017 20:53

Ishutaru wrote:Is it even possible to configure mercury mail to automatically stop, delete or refuse the "Delivery error" messages being returned? I understand there isn't much I can do :(


Arent you an IT Tech?! You told so - if i were you, i would find out that on myself. Anyway, Mercury configuration support is far beyond the scope of this forum, you should go for an Mercury forum instead.
Nobbie
 
Posts: 13170
Joined: 09. March 2008 13:04

Re: Mercury mail hacked?

Postby Altrea » 15. March 2017 21:09

Ishutaru wrote:I'm an IT tech.(

What does that mean?
That you can use software in a way it is not created for and still get support for it on it's volunteer support board?
If you use a software in a way it is not designed for you are on your own with problems generated from that misusage.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11926
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 11 Pro x64

Dissapointed

Postby Ishutaru » 15. March 2017 22:17

Altrea wrote:
Ishutaru wrote:I'm an IT tech.(

What does that mean?
That you can use software in a way it is not created for and still get support for it on it's volunteer support board?
If you use a software in a way it is not designed for you are on your own with problems generated from that misusage.


Oh my god ... "What does that mean?"... I don't work with email servers, no one cares about email servers where I live. I do it from my own curiosity. And not all IT techs know EVERYTHING, I don't even work with servers, i'm working with hardware and laptop repairs. You can look up the meaning of "IT technician" here:
Code: Select all
http://learn.org/articles/What_is_an_IT_Support_Technician.html
that's pretty much what I do every day. It doesn't really say anything about email servers and stuff.
I'm just saying that suggestions like "did you try doing the obvious thing" or "You should't do the super obvious thing because it's obviously unsecure" annoy me hard.

Also you are saying it's volunteer support board. It's the ONLY XAMPP support board I know about.

And what do you mean by "use software in a way it is not created for". Are you saying XAMPP has Mercury mail in it not for making a mailbox?
Ishutaru
 
Posts: 7
Joined: 04. December 2016 21:44
XAMPP version: 5.6.28
Operating System: Windows 7 Professional

Re: Mercury mail hacked?

Postby Altrea » 15. March 2017 22:27

It annoys me hard that an IT tech uses a tool in a way it is not designed for (despite all warning and hints).
XAMPP is a bundle of highly specified tools needing an experienced administrator to get configured against security for public accessible environments.
Just because XAMPP makes it very easy to install these tools locally does not mean that a novice can handle them in every case.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11926
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 11 Pro x64

...

Postby Ishutaru » 15. March 2017 23:20

I still dont understand what do you mean by "in a way it is not designed"
Ishutaru
 
Posts: 7
Joined: 04. December 2016 21:44
XAMPP version: 5.6.28
Operating System: Windows 7 Professional

Re: Mercury mail hacked?

Postby Altrea » 16. March 2017 00:18

XAMPP is designed to make it really easy to install most common webserver components locally as local test and development environment.
Focus is not on security, performance, scalability or stability. The XAMPP components do have multiple settings that are insecure on public accessible environments.
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11926
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 11 Pro x64

Re: Dissapointed

Postby Nobbie » 16. March 2017 13:44

Ishutaru wrote:I'm just saying that suggestions like "did you try doing the obvious thing" or "You should't do the super obvious thing because it's obviously unsecure" annoy me hard.


Very good - it is meant to annoy you! Because you annoy us by ignoring the fact, that Xampp is designed and meant for development only(!) and NOT for online productivity. We are NOT the right forum for your issues having in a production environment, that annoys me hard!
Nobbie
 
Posts: 13170
Joined: 09. March 2008 13:04


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 150 guests