Well, doing this didn't exactly fix it, but it did do something
different. Instead of dumping the IP from the list this time, it now
changes the choice from Deny all except or Allow all except.
I moved it to a new server in hopes of something being out of sorts on
the existing server, but it is still broke.
Matt wrote:
Jeff,
Try removing the auto deny possible hack attempts check mark and see
if it doesn't stop.
Matt
Jeffery Rehm wrote:
Spoke too soon. Just happened again.
Jeffery Rehm wrote:
I found that if I allow access to a group and put IP in the setting
appears to stick, or has so far anyway. I was doing it as a single
IP and that wasn't working at all.
Sanford Whiteman wrote:
Ok, now this is getting annoying... IMail Access Control is set to
DENY all computers except one particular machine. Three times today
I have had to go back in and add the machine to the list of allowed
addresses.
While I don't know your exact topology, this particular requirement is
almost always better met by blocking at the firewall or OS level,
rather than at the application socket-discard level.
I had a client a few weeks ago whose POP3D server was getting slammed
by a password-guessing attack (from a single IP, luckily). Their admin
had added the IP to IMail's Control Access, but that only resulted in
the service crashing after a few minutes: remember, the socket still
gets handed "up" to IMail when you only use its internal controls.
While I didn't have access to their firewall, simply blocking the same
IP using Windows built-in IP Security Policy stopped the attack dead.
Preventing IMail from servicing the socket at all should be your goal.
This won't eliminate the published problems when you enable Auto-Deny
and other data-level security features, but if you trust your
permitted IPs enough to let down your guard with these other features,
it's a lot better than Control Access. And frankly, running BlackIce
Server ($299) gives you much more security than using IMail's
data-level inspection. Or there's Snort, etc.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/
Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into
IMail Aliases!
http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/
http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
