Hi,
our mail server was been exploited via CVE-2019-9670 (zmcat in /var/tmp/ and miner) , web interface not accessible it seems that some jsp are deleted ) admin interface is still working,
we have stopped all services to avoid further problem (data leaks).
We have started deploing a new mail server, we want to recreate all mailbox from all domain, but with ldap stopped we can't get the addresses.
There is a work around? Can we just start ldap and use zmprov?
If we give zmcontrol start ldap the server go on and start other services too.
Any suggestion is really appreciated.
How to start ldap whitout start MTA and mailbox CVE-2019-9670
- fs.schmidt
- Outstanding Member
- Posts: 278
- Joined: Sat Sep 13, 2014 3:37 am
- Location: Brazil
- Contact:
Re: How to start ldap whitout start MTA and mailbox CVE-2019-9670
Hello, you can start ldap with "ldap start" as zimbra user and you will be able to export the data from LDAP. If you need to export mailboxes data (email, appointments, etc...) you will have start the mailbox service with zmmailboxdctl start. If you don't want your Zimbra available on the internet, you cloud to block the access.TitusI wrote:Hi,
our mail server was been exploited via CVE-2019-9670 (zmcat in /var/tmp/ and miner) , web interface not accessible it seems that some jsp are deleted ) admin interface is still working,
we have stopped all services to avoid further problem (data leaks).
We have started deploing a new mail server, we want to recreate all mailbox from all domain, but with ldap stopped we can't get the addresses.
There is a work around? Can we just start ldap and use zmprov?
If we give zmcontrol start ldap the server go on and start other services too.
Any suggestion is really appreciated.
-
- Posts: 30
- Joined: Fri Apr 15, 2016 2:54 pm
- ZCS/ZD Version: Release 8.7.11_GA_1854.RHEL7_64_201
Re: How to start ldap whitout start MTA and mailbox CVE-2019-9670
thank you,fs.schmidt wrote:Hello, you can start ldap with "ldap start" as zimbra user and you will be able to export the data from LDAP. If you need to export mailboxes data (email, appointments, etc...) you will have start the mailbox service with zmmailboxdctl start. If you don't want your Zimbra available on the internet, you cloud to block the access.TitusI wrote:Hi,
our mail server was been exploited via CVE-2019-9670 (zmcat in /var/tmp/ and miner) , web interface not accessible it seems that some jsp are deleted ) admin interface is still working,
we have stopped all services to avoid further problem (data leaks).
We have started deploing a new mail server, we want to recreate all mailbox from all domain, but with ldap stopped we can't get the addresses.
There is a work around? Can we just start ldap and use zmprov?
If we give zmcontrol start ldap the server go on and start other services too.
Any suggestion is really appreciated.
I've tried zmcontrol ldap start, I stopped it because I see it begin to start other services, I don't want the server go up again. (othervise mail reach the server and I want they go to the new server)
EDIT
Ok, ldap start semms to work