User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Build Identifier: Mozilla 1.6 Hello, I am working in Alcatel Development India Pvt.Ltd.,chennai, India. here we are using Mozilla 1.6 browser. the incoming server is IMAP. i am giving the incoming server address. after that it is creating the user. and here i can create anybody's mail account. after that for composing any mail it should ask password. and it is asking password but i am neglecting that password by clicking cancel. then in the browser in the right hand space i am able tofind a compose option with inbox option. when i am going for the compose option a compose window is opening and i am able to send mail without any password to anybody. so it is to be noticed that one can create anybodys account in the organization environment. it is not caring wheather that person is already having a valid account or not. and without password it is sending the mail. but if we reply to that mail it is not coming. so what is the problem. hope you can understand what i mean to say. for more details feel free to contact me on firstname.lastname@example.org my cell no is : +91-9840806778 thanks & regards, Trilochan Mishra Reproducible: Always Steps to Reproduce: 1.check the password fild for sending option and enable it. 2.check your security level. 3.
Component: Safe Browsing → Colorpicker
Product: Firefox → Composer
Version: unspecified → 0.17
this is a misconfiguration of your mail server. go complain to your admin.
Assignee: nobody → mail
Component: Colorpicker → MailNews: Account Manager
Product: Composer → Mozilla Application Suite
QA Contact: safe.browsing
Version: 0.17 → 1.4 Branch
Status: UNCONFIRMED → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → INVALID
What's not secure is using Mozilla 1.6! That's a two-and-a-half year old version. Here are the security fixes in just the past year and a half: http://www.mozilla.org/security/announce/ There are exploits being used in the wild for vulnerabilities we fixed mid-2005. If your Mozilla is that old probably your Java is as well. There are tons of exploits for old versions of Java. update at http://java.com Note that IMAP is for incoming mail, SMTP is used for outgoing mail. *both* must be set to require passwords and enforce a match between the From: line and the account. But there are plenty of un-secured SMTP servers in the world, forged "From" lines are a foregone conclusion (common technique used by spammers and email worms)
You need to log in before you can comment on or make changes to this bug.