Hi Andrew,
You will also need to set the Relay for Addresses so that you only relay for
IP addresses from your local network to avoid being an open SPAM relay (if
you haven't already).
Also if you run IIS on your server you need to keep an eye on the latest MS
security updates.
Steve
Steven Moore
Internet Development Engineer
Research Machines
+44 1235 823522
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Pau
> Ruiz P�rez
> Sent: 10 May 2001 13:19
> To: [EMAIL PROTECTED]
> Subject: RE: [IMail Forum] Security & Imail v6.0.9
>
>
> If you've got service to service NAT, (SMTP-25, HTTP-80,
> POP3-110, ...),
> you're configuration is OK and there's nothing you can do to
> except upgrade
> to the last release (6.06 with all the sub-patches), to
> prevent some DOS
> attack that are corrected in these releases, and some bugs
> solved (I think
> you should)
> The patches to install are the 6.06, 6.06-SVS, ... In the
> download page
> of the Imail explain the order you've to install them
>
> If the NAT is IP to IP, you're in a problem, your
> Netbios-139 are visible
> to the outside world, and anybody could try to do: NET USE
\\IP\SHARE, that
NT, by default have some...
On any other service running on your Imail machine will happen the same
(ftp, ...)
If you've got only one server, I don't think necessary to create a DMZ
for the machine. (To do this OK you've to put another network adapter on
your firewall), it can be difficult in some cases the firewall is a black
box with 2 network adapters configured via web.
Hope this helps
Pau
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Andrew SNOWDEN
Sent: jueves 10 de mayo de 2001 13:17
To: Imail
Subject: [IMail Forum] Security & Imail v6.0.9
We have the bulk standard installation of Imail on an NT Server that sits
behind our firewall with a one-to-one NAT allowing web access from the
Internet.
Question 1
Are there any security loop holes? And if so, does anyone have a complete
list of any additional patches we should apply?
Question 2
Should our server be in a DMZ or is it ok as it is?
Thanks
Andrew Snowden, ICT Co-ordinator,
Cheadle Hulme School, UK.
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Visit our website at http://www.rm.com
Standard Disclaimer:This message is confidential. You should not copy it or
disclose its contents to anyone. You may use and apply the information only
for the intended purpose. Internet communications are not secure and
therefore RM does not accept legal responsibility for the contents of this
message. Any views or opinions presented are only those of the author and
not those of RM. If this email has come to you in error please delete it
and any attachments. Please note that RM may intercept incoming and
outgoing e-mail communications.
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
