From: Matt R. <ma...@fr...> - 2006-07-28 21:40:58
We've been using SquirrelMail for years and have by and large been super happy. Recently we had what we feel is a very strange session issue that we think is likely related to PHP, but I wanted to toss it out here in case anyone else had seen this before.

We got a report the other day of someone sending a message from squirrel, and when the message sent, the from address was set to that of another one of our users. For example: bo...@do... logs into SM, composes a message and sends it. When the message is received by the recipient it reports the From: address as jo...@do.... Luckily we were also able to get the full headers for this message, and the header showed that the SquirrelMail authenticated user was bo...@do..., but shows all the from info as jo...@do.... The mail logs also showed the message and reported all the activity as from jo...@do...

While researching this I found that this had happened at least one other time before, and had been happening somewhat consistently for this third user. While troubleshooting they noticed their system clock was set to 1970 for some reason. They set their clock to the correct time and it has not happened since. On a whim with this new case I had both bobuser and joeuser check their system clocks and sure enough, one was set to 2001 and one was set to 1970.

Now, this seems awfully strange to me and rather frustrating, because I'd really rather not have people sending mail from the wrong user and of course I can't control what all of my users' clocks are set to. I'm suspecting it might be a session oddity and somehow when the date is way off it is confusing the session expiration. However, this really doesn't seem to explain how they were getting someone else's prefs, at least partially. Has anyone else seen or heard of anything like this?
At the time of the report we were running apache 2.2.2 (now 2.2.3 because of today's advisory), with php 5.1.3 and a patched version of SM 1.4.6 (I will be upgrading SM on Monday to the true 1.4.7 version). All of this runs on FreeBSD 4.11. Let me know what other information I can provide.

Thanks much.

Matt Ruzicka - Senior Systems Administrator
Front Range Internet, Inc.
ma...@fr... - (970) 212-0728