osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now
Ostickets and mail server hacked
I come to you asking urgent help. We installed a new server with email and osticket.
The server doesn't have anything else.
The server, went down, when trying to send lots of emails.
I'm triyng to backtrace to see if the problem was osticket.
We have a cron job pooling the tickets via imap.
the mysql user only has access to osticket database.
the only file that has 777 is cron.php.
Yesterday it was sending tons of emails from an account that isn't even in osticket.
It exists only as a user account.
We changed the email password and disabled osticket.
It returned to normal.
Using windiff i checked for injected code. Nothing.
What could it be?? Could Osticket be the gateway??
What can we do to stop this from happening??
Please help us....