Author Topic: Security updates 1.3.3, 1.2.7 and 1.1.10 released  (Read 1921 times)

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Security updates 1.3.3, 1.2.7 and 1.1.10 released
« on: November 08, 2017, 06:10:43 PM »
We just published updates to all stable versions from 1.1.x onwards delivering fixes for a recently discovered file disclosure vulnerability in Roundcube Webmail.

Apparently this zero-day exploit is already being used by hackers to read Roundcube’s configuration files. It requires a valid username/password as the exploit only works with a valid session. More details will be published soon under CVE-2017-16651.

The Roundcube series 1.0.x is not affected by this vulnerability but we nevertheless back-ported the fix in order to protect from yet unknown exploits.

See the full changelog for the according version in the release notes on the Github download pages: v1.3.3, v1.2.7, v1.1.10 v1.0.12

We strongly recommend to update all productive installations of Roundcube with either one of these versions.

Mitigation
In order to check whether your Roundcube installation has been compromised check the access logs for requests like ?_task=settings&_action=upload-display&_from=timezone. As mentioned above, the file disclosure only works for authenticated users and by finding such requests in the logs you should also be able to identify the account used for this unauthorized access. For mitigation we recommend to change the all credentials to external services like database or LDAP address books and preferably also the des_key option in your config.

Source: https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10
Get it Now: https://roundcube.net/download

Offline ElasticUser

  • Jr. Member
  • **
  • Posts: 39
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #1 on: November 30, 2017, 03:24:46 AM »
I installed 1.2.7 from GitHub, and It's not logging in and sending messages properly.  It goes very slow, and hardly ever logs in.  A server tech has no clue what's causing that.  Any ideas?  :--) 
« Last Edit: November 30, 2017, 03:34:29 AM by ElasticUser »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #2 on: November 30, 2017, 12:32:33 PM »
Whats in your error log?

Offline ElasticUser

  • Jr. Member
  • **
  • Posts: 39
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #3 on: November 30, 2017, 12:44:54 PM »
[30-Nov-2017 07:30:23 +0000]: <v6vg3979> Session auth check failed for v6vg3979g16nu9i2h4tfkbvga4; timeslot = 2017-11-30 07:30:00
[30-Nov-2017 07:30:23 +0000]: <v6vg3979> Session authentication failed for v6vg3979g16nu9i2h4tfkbvga4; invalid auth cookie sent; timeslot = 2017-11-30 07:20:00
[30-Nov-2017 07:39:44 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 07:35:00
[30-Nov-2017 07:39:44 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512027000
[30-Nov-2017 07:40:46 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 07:40:00
[30-Nov-2017 07:40:46 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512027300
[30-Nov-2017 07:45:51 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 07:45:00
[30-Nov-2017 07:45:51 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512027600
[30-Nov-2017 07:50:16 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 07:50:00
[30-Nov-2017 07:50:16 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512027900
[30-Nov-2017 07:55:19 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 07:55:00
[30-Nov-2017 07:55:19 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512028200
[30-Nov-2017 08:00:19 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:00:00
[30-Nov-2017 08:00:19 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512028500
[30-Nov-2017 08:05:22 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:05:00
[30-Nov-2017 08:05:22 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512028800
[30-Nov-2017 08:10:00 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:10:00
[30-Nov-2017 08:10:00 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512029100
[30-Nov-2017 08:17:00 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:15:00
[30-Nov-2017 08:17:00 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512029400
[30-Nov-2017 08:20:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:20:00
[30-Nov-2017 08:20:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512029700
[30-Nov-2017 08:25:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:25:00
[30-Nov-2017 08:25:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512030000
[30-Nov-2017 08:30:19 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:30:00
[30-Nov-2017 08:30:19 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512030300
[30-Nov-2017 08:35:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:35:00
[30-Nov-2017 08:35:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512030600
[30-Nov-2017 08:40:19 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:40:00
[30-Nov-2017 08:40:19 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512030900
[30-Nov-2017 08:45:19 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:45:00
[30-Nov-2017 08:45:19 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512031200
[30-Nov-2017 08:50:20 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:50:00
[30-Nov-2017 08:50:20 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512031500
[30-Nov-2017 08:55:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 08:55:00
[30-Nov-2017 08:55:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512031800
[30-Nov-2017 09:00:19 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 09:00:00
[30-Nov-2017 09:00:19 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512032100
[30-Nov-2017 09:05:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 09:05:00
[30-Nov-2017 09:05:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512032400
[30-Nov-2017 09:10:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 09:10:00
[30-Nov-2017 09:10:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512032700
[30-Nov-2017 09:15:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 09:15:00
[30-Nov-2017 09:15:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512033000
[30-Nov-2017 09:20:19 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 09:20:00
[30-Nov-2017 09:20:19 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512033300
[30-Nov-2017 09:25:18 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 09:25:00
[30-Nov-2017 09:25:18 +0000]: <r7u9fnmo> Send new auth cookie for r7u9fnmoek1kmuus9qitj7lgp1: bIPIylwpkN07xlV8XAFQ426vjB-1512033600
[30-Nov-2017 15:43:14 +0000]: <r7u9fnmo> Session auth check failed for r7u9fnmoek1kmuus9qitj7lgp1; timeslot = 2017-11-30 15:40:00
[30-Nov-2017 15:43:14 +0000]: <r7u9fnmo> Session authentication failed for r7u9fnmoek1kmuus9qitj7lgp1; invalid auth cookie sent; timeslot = 2017-11-30 15:30:00
« Last Edit: November 30, 2017, 03:35:41 PM by ElasticUser »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #4 on: December 01, 2017, 12:39:29 PM »
So are you able to login or is it hanging at the login page?

Offline ElasticUser

  • Jr. Member
  • **
  • Posts: 39
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #5 on: December 01, 2017, 12:43:11 PM »
It's usually hanging.  Sometimes it surprises me and logs in, but hardly ever.  :--)
« Last Edit: December 03, 2017, 02:29:28 PM by ElasticUser »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #6 on: December 01, 2017, 07:49:21 PM »
Enable imap_debug and post the log that is created when you try to login.

Offline ElasticUser

  • Jr. Member
  • **
  • Posts: 39
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #7 on: December 01, 2017, 08:15:09 PM »
Already was enabled.  Below is 5.  :--)

[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] C: A0001 ID ("name" "Roundcube" "version" "1.2.7" "php" "5.6.32" "os" "Linux" "command" "/?_task=login")
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] S: * ID ("name" "Dovecot")
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] S: A0001 OK ID completed.
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] C: A0002 AUTHENTICATE PLAIN ****** [57]

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #8 on: December 02, 2017, 01:20:13 PM »
Whats the imap log when you can load the mailbox?

Offline ElasticUser

  • Jr. Member
  • **
  • Posts: 39
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #9 on: December 02, 2017, 01:59:35 PM »
I coppied & pasted 5 logs from ths IMAP log file.  Where do I find what you are asking for?  I might be limited online for the time being.  :--)

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #10 on: December 03, 2017, 01:15:56 PM »
I want to see the requests where Roundcube is requesting the inbox to see if the mail server is taking a long time to respond or if its not we can narrow down the problem to something else.

Offline ElasticUser

  • Jr. Member
  • **
  • Posts: 39
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #11 on: December 03, 2017, 02:28:02 PM »
I appologize, I'm not sure where to find that info.  Is it in the whole IMAP error log file?  :--)

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #12 on: December 03, 2017, 06:05:32 PM »
It should be added into the imap log file when Roundcube displays the inbox.

Offline ElasticUser

  • Jr. Member
  • **
  • Posts: 39
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #13 on: December 03, 2017, 07:59:35 PM »
Here's a bunch of IMAP logs.  It should hsve what your looking for.  :--)

[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] C: A0001 ID ("name" "Roundcube" "version" "1.2.7" "php" "5.6.32" "os" "Linux" "command" "/?_task=login")
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] S: * ID ("name" "Dovecot")
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] S: A0001 OK ID completed.
[30-Nov-2017 07:05:54 +0000]: <oboq6gva> [5ED6] C: A0002 AUTHENTICATE PLAIN ****** [57]
[02-Dec-2017 05:20:10 +0000]: <0k7gaqu7> [B0D8] S: * ID ("name" "Dovecot")
[02-Dec-2017 05:20:10 +0000]: <0k7gaqu7> [B0D8] S: A0001 OK ID completed.
[02-Dec-2017 05:20:10 +0000]: <0k7gaqu7> [B0D8] C: A0002 AUTHENTICATE PLAIN ****** [57]
[02-Dec-2017 05:20:10 +0000]: <0k7gaqu7> [B0D8] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE NAMESPACE NOTIFY COMPRESS=DEFLATE QUOTA] Logged in
[02-Dec-2017 05:20:10 +0000]: <0k7gaqu7> [B0D8] C: A0003 NAMESPACE
[02-Dec-2017 05:20:10 +0000]: <0k7gaqu7> [B0D8] S: * NAMESPACE (("INBOX." ".")) NIL NIL
[02-Dec-2017 05:20:10 +0000]: <0k7gaqu7> [B0D8] S: A0003 OK Namespace completed (0.001 + 0.000 secs).
[02-Dec-2017 05:20:10 +0000]: <uta090ci> [B0D8] C: A0004 LOGOUT
[02-Dec-2017 05:20:10 +0000]: <uta090ci> [B0D8] S: * BYE Logging out
[02-Dec-2017 05:20:10 +0000]: <uta090ci> [B0D8] S: A0004 OK Logout completed (0.001 + 0.000 secs).
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] C: A0001 ID ("name" "Roundcube" "version" "1.2.7" "php" "5.6.32" "os" "Linux" "command" "/mail-rec/?_task=mail&_token=Ss8JUHyxrd3Ed66PgfypQgSSwKXRrHbF")
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * ID ("name" "Dovecot")
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: A0001 OK ID completed.
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] C: A0002 AUTHENTICATE PLAIN ****** [57]
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE NAMESPACE NOTIFY COMPRESS=DEFLATE QUOTA] Logged in
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] C: A0003 LIST (SUBSCRIBED) "" "*"
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * LIST (\Subscribed) "." INBOX.Junk
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * LIST (\Subscribed) "." INBOX.spam
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * LIST (\Subscribed) "." INBOX.Drafts
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * LIST (\Subscribed) "." INBOX.Trash
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * LIST (\Subscribed) "." INBOX.Sent
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: A0003 OK List completed (0.003 + 0.000 + 0.002 secs).
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] C: A0004 GETQUOTAROOT INBOX
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * QUOTAROOT INBOX Mailbox "cPanel Account"
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * QUOTA Mailbox (STORAGE 21310 102400)
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * QUOTA "cPanel Account" (STORAGE 700312 307200000)
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: A0004 OK Getquotaroot completed (0.001 + 0.000 secs).
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] C: A0005 LOGOUT
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: * BYE Logging out
[02-Dec-2017 05:20:11 +0000]: <uta090ci> [2142] S: A0005 OK Logout completed (0.001 + 0.000 secs).
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] C: A0001 ID ("name" "Roundcube" "version" "1.2.7" "php" "5.6.32" "os" "Linux" "command" "/mail-rec/?_task=login")
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] S: * ID ("name" "Dovecot")
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] S: A0001 OK ID completed.
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] C: A0002 AUTHENTICATE PLAIN ****** [57]
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE NAMESPACE NOTIFY COMPRESS=DEFLATE QUOTA] Logged in
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] C: A0003 NAMESPACE
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] S: * NAMESPACE (("INBOX." ".")) NIL NIL
[02-Dec-2017 05:55:00 +0000]: <nstov2hn> [78E9] S: A0003 OK Namespace completed (0.001 + 0.000 secs).
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [78E9] C: A0004 LOGOUT
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [78E9] S: * BYE Logging out
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [78E9] S: A0004 OK Logout completed (0.001 + 0.000 secs).
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE NAMESPACE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] C: A0001 ID ("name" "Roundcube" "version" "1.2.7" "php" "5.6.32" "os" "Linux" "command" "/mail-rec/?_task=mail&_token=2byPw1fo5Pv1K5Jfjeft35qFFGU5i2sn")
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * ID ("name" "Dovecot")
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: A0001 OK ID completed.
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] C: A0002 AUTHENTICATE PLAIN ****** [57]
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: A0002 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE NAMESPACE NOTIFY COMPRESS=DEFLATE QUOTA] Logged in
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] C: A0003 LIST (SUBSCRIBED) "" "*"
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * LIST (\Subscribed) "." INBOX.Junk
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * LIST (\Subscribed) "." INBOX.spam
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * LIST (\Subscribed) "." INBOX.Drafts
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * LIST (\Subscribed) "." INBOX.Trash
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * LIST (\Subscribed) "." INBOX.Sent
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: A0003 OK List completed (0.001 + 0.000 secs).
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] C: A0004 GETQUOTAROOT INBOX
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * QUOTAROOT INBOX Mailbox "cPanel Account"
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * QUOTA Mailbox (STORAGE 21310 102400)
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * QUOTA "cPanel Account" (STORAGE 700312 307200000)
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: A0004 OK Getquotaroot completed (0.001 + 0.000 secs).
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] C: A0005 LOGOUT
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: * BYE Logging out
[02-Dec-2017 05:55:00 +0000]: <elqtg909> [B2A4] S: A0005 OK Logout completed (0.001 + 0.000 secs).

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,289
    • http://SKaero.com/
Re: Security updates 1.3.3, 1.2.7 and 1.1.10 released
« Reply #14 on: December 04, 2017, 01:39:48 AM »
So I don't see any problems there so I don't think the mail server is at fault. Are there any errors in the browser JS console?