I beg to disagree with your comment.
Allowing admins of networks to personally decide the level of security
they
want to have in their individual networks flies in the face of all
security
standards!
No sir. an admin must make certain his or her network is secure. S/he
should not trust any applicaiton until it is tested.
Those standards were designed to protect everyone who installs server
based
software. If we start allowing vendors, ie: IPSwitch, to create a new
security standard for a product that is designed to access the internet as
part of its overall design, we're throwing those standards out the window.
Nobody is talking about changing standards... Beside, there as as many
standards as there are people :)
You as the admin have control of securing your machine. From the service
that IMail run as, filesystem permissions, registry permissions, etc... The
admin even has control over what ports are open at the firewall, what IDS
get used, you name it.
Any product that is designed to work in conjunction with any kind of
internet access should be designed to take into consideration the security
standards and best practices that have become commonly acceptable over the
history of the networking products and hardware with which they are
designed
to work.
Agreed. I believe the only permission issues at hand currently are the one
required for the .NET applicaiton. This is the reason I said ipswiotch
should publish a very detailed how-to and stick with supporting that
instsallation instruction set. Any deviation from it should not be their
liability.
If anyone modifies the security access levels of their servers, either as
part of a software installation, or as part of a deliberate measure, they
are opening themselves up to every hacker, virus and worm crawling through
the internet.
Actually, for thoise still running win2k, if you *have not* modified your
defaults, your servers have proably already been compromised. On Win2003 -
there are still things the admin needs to tighten up from the 'defaults'
Security on any web or mail server should be set to the maximum possible
level, giving both users and software only the absolute minimum access
level
necessary to complete the task for which the software is designed. Any
variation in that model will invite chaos!
Agreed.
Given the current security problems within IMail we will not deploy the
product until we are 100% satisfied that all of the security access issues
have been addresses and fully resolved.
Same here - We are holding off deploying on our multi-domain mail servers
but are proceeding to install on our single-domain mail servers.
Regards,
David Gregg
dgSoft Internet Services
+1 (949) 584-1514
--
mxGuard for IMail
The no-nonsense antispam and antivirus solution.
Download a free 30-day trial at
http://www.mxguard.com/postmaster/freetrial.asp
--
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
