Re: [IMail Forum] SMTP Exploit Scanning Going on NOW

[Tripp Allen]

I suggest talking with the product manager, Kevin Gillis, about 8.15.  The update for SMTPD I'm posting will ONLY work for 8.22.   Tripp     ----- Original Message ----- From: Dave Doherty To: Imail_Forum@list.ipswitch.com Sent: Thursday, October 26, 2006 7:10 PM Subject: Re: [IMail Forum] SMTP Exploit Scanning Going on NOW Tripp said they don't know. He didn't say they wouln't fix it.   We now have confirmation from Robbie that 8.15 is vulnerable.   So, over to you, Tripp. What are your plans? Upgrades to 8.22, or a new SMTPD32 for 8.15? Or will the new SMTPD work with 8.15?   -Dave Doherty  Skywaves, Inc.  508-425-7176  [EMAIL PROTECTED]     ----- Original Message ----- From: Beach Computers To: Imail_Forum@list.ipswitch.com Sent: Thursday, October 26, 2006 4:54 PM Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW So, let me make sure I have Ipswich's answer correctly. We don't know if 8.15 is affected, therefore if you are running it, good luck because we have no plan on giving you a fix.   Did I miss anything? I sure hope so.   Dave =================================== Beach Computers Affordable Hosting Solutions http://www.beachcomp.com =================================== Cheap Domain Warehouse Get Your Own Dot! http://www.cheapdomainwarehouse.com   ------------------------------------ Disclaimer and confidentiality note: The contents of this communication are intended/meant only for addressee(s) and may contain information that is privileged or otherwise confidential. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. The contents of this e-mail shall not be forwarded to any third party. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email, so that the sender's address records can be corrected. Views and opinions are solely those of the sender unless clearly indicated as being that of Beach Computers or any of it's affiliated companies. Beach Computers cannot assure that the integrity of this communication has been maintained or that it is free of errors, virus, interception or interference.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robbie Pardue Sent: Thursday, October 26, 2006 5:26 PM To: Imail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW      8.15 is vulnerable right now, I can personally confirm this.  Two separate physical servers in separate places and unrelated IP space which I oversee were exploited on Monday and Wednesday (both were reported, with logs examples to techsupport).      We have not been reluctant to maintain contracts (we have had contracts on both of these boxes all along) only to upgrade in a flurry of post 8.2 activity on the forum (and following some upgrade-related disasters on previous versions).  We are looking into going straight from 8.15 to 2006 or to temporarily going to 8.22 to get this patch but would WILDLY prefer a patch for 8.15 to buy a little more time to do our upgrades right.      I will ask for nothing else from you ever. Tripp Allen <[EMAIL PROTECTED]> wrote: -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tripp Allen Sent: Thursday, October 26, 2006 2:14 PM To: Imail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW We are not currently planning a patch for 8.15.  SMTPD was rewritten in 8.2 and I can not confirm (or deny) that 8.1X is vulnerable right now. Tripp -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Doherty Sent: Thursday, October 26, 2006 4:35 PM To: Imail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SMTP Exploit Scanning Going on NOW What about 8.15, Tripp? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Reimer Sent: Thursday, October 26, 2006 4:21 PM To: Imail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW Tripp, Remind me how we tell which release we are on. Mark Reimer IT System Admin American CareSource 972-308-6887 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tripp Allen Sent: Thursday, October 26, 2006 3:19 PM To: Imail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW You'll need to upgrade to 2006.1. Tripp From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil Gomes Sent: Thursday, October 26, 2006 4:13 PM To: Imail_Forum@list.ipswitch.com Subject: Re: [IMail Forum] SMTP Exploit Scanning Going on NOW    Ummm...  How about 2006.03?  Is that going to be patched, or do I need to quickly perform an upgrade to 2006.1????  I've been running 2006.1 on a test box for a month or so, and I'm not really too choked up about it...  I'll need to go back to my documentation to see exactly WHAT the issues are, but I was planning to skip that upgrade altogether and wait for the next one... -Gil -----Original Message----- From: "Tripp Allen" Sent 10/26/2006 3:02:19 PM To: Imail_Forum@list.ipswitch.com Subject: RE: [IMail Forum] SMTP Exploit Scanning Going on NOW 2006.1 is not vulnerable to this exploit. We are working on a update for 8.22 which will include one DLL that needs to be copied over the old one during a stop / start of smtpd32. I'll post a link here as soon as it's available. Tripp To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ Do you Yahoo!? Everyone is raving about the all-new Yahoo! Mail.