Because of the proxy systems they use btw. end users and the Internet, each http request comes from a different Ip address. Doesn't matter which client they are using. If you have access to an AOL account, login with it, browse around a website on one of your webservers, then take a look at your web server logs. You'll see the source addresses bounce all over the place (although usually it seems to go in sequential order i.e. first request will be from 1.1.1.1, next will be from 1.1.1.2, 1.1.1.3, and so on).
I believe this is done not only to help secure the end users from attack, but also to make it next to impossible for end users to do things like host their own webserver, etc. - Tony >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED]]On Behalf Of John Tolmachoff >Sent: Thursday, June 13, 2002 11:34 AM >To: [EMAIL PROTECTED] >Subject: RE: [IMail Forum] IMail security issue? > > >My user's problem was also with Starband. > >I just noticed something. Here is a log snippet from the user that had >the problem: > >>>Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Starband Version 1.0) > >This means that he is using the ISP provided IE? I wonder if using a >full regular version would make a difference. > >As a matter of fact, if this is a clue, the people that have problems >with AOL, are they connecting via the AOL browser, or using a full >browser? > >John Tolmachoff >IT Manager, Network Engineer >RelianceSoft, Inc. >Fullerton, CA 92835 >www.reliancesoft.com > > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED]] On Behalf Of Tony Gray - >Network Administrator >Sent: Thursday, June 13, 2002 7:26 AM >To: [EMAIL PROTECTED] >Subject: RE: [IMail Forum] IMail security issue? > >As long as you don't have webmail users on services like AOL, Prodigy, >or >Starband, you can uncheck 'ignore source address'. If you do, though, >you >might as well rename that checkbox "Do not let AOL, Prodigy or Starband >Users use webmail". > >Unfortunate for security's sake, but true. > >- Tony > >>-----Original Message----- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED]]On Behalf Of John >Tolmachoff >>Sent: Thursday, June 13, 2002 10:08 AM >>To: [EMAIL PROTECTED] >>Subject: RE: [IMail Forum] IMail security issue? >> >> >>Another scenrio where someone would have to enable "Ignore Source IP" >is >>when you have users with some Satellite ISP's. One of our clients has a >>heavy user that works from home one day per week that uses a Satellite >>connection. His ISP uses something called a Double Proxy that plays >>havoc with IP addresses. >> >>07:07 PDT 06/13/02 >> >>John Tolmachoff >>IT Manager, Network Engineer >>RelianceSoft, Inc. >>Fullerton, CA 92835 >>www.reliancesoft.com >> >>-----Original Message----- >>From: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED]] On Behalf Of R. Scott >Perry >>Sent: Wednesday, June 12, 2002 6:47 PM >>To: [EMAIL PROTECTED] >>Subject: Re: [IMail Forum] imail security issue? >> >> >>>Here's the scenario: I am logged into my IMail server(v7.10 on NT4) >at >> >>>the url >>>https://mail.langliesystems.com/Xb9a69b9b9dcf9c9899cbe8f63fd4/readmail >. >>25637.cgi?uid=yourid&mbx=Main >>>- I take this url and cut/paste it into a new browser and there it is >- >> >>>the same e-mail session active in two browsers. >> >>Yes, that is to be expected. Most web sites work that way, and is >often >> >>very useful. In fact, it allows you to have Outlook-like web >messaging, >> >>where new E-mails appear in new browser windows (it's pretty cool). >> >>>This can be taken a step farther by pasting the url into a browser >>running >>>on a completely different IP and subnet. >> >>Only if you have IMail set up to allow it ("Ignore source IP"). >Prodigy >> >>started that silly game of proxying IPs, and AOL took over the >>concept. Therefore, a lot of people do not use the IP as a security >>measure. We found this out the hard way about 6 years ago when we were >>developing some of the first dynamic web pages. >> >>>For instance, I can log into the IMail web interface sitting at home, >>then >>>connect to my co-located webserver via MS Terminal Svc and paste that >>same >>>URL into a browser in my TermSrv session and both e-mail sessions will >>be >>>active at the same time! >>> >>>Hotmail will not allow you to do this. Is this a bug or a feature? >>Can >>>this behavior be prevented? >> >>It's a feature that you have enabled. It can be prevented by going >back >>to >>the default, and unchecking "Ignore source IP" in the web messaging >>settings. >> >> -Scott >>--- >>Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for >>IMail. http://www.declude.com >> >>--- >>[This E-mail was scanned for viruses by Declude Virus >>(http://www.declude.com)] >> >> >>Please visit http://www.ipswitch.com/support/mailing-lists.html >>to be removed from this list. >> >>An Archive of this list is available at: >>http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ >> >>Please visit the Knowledge Base for answers to frequently asked >>questions: http://www.ipswitch.com/support/IMail/ >> >> >>Please visit http://www.ipswitch.com/support/mailing-lists.html >>to be removed from this list. >> >>An Archive of this list is available at: >>http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ >> >>Please visit the Knowledge Base for answers to frequently asked >>questions: http://www.ipswitch.com/support/IMail/ >>--- >>[This E-mail was scanned for viruses by http://www.intouchmi.com] >> >> > >--- >[This E-mail was scanned for viruses by http://www.intouchmi.com] > > >Please visit http://www.ipswitch.com/support/mailing-lists.html >to be removed from this list. > >An Archive of this list is available at: >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > >Please visit the Knowledge Base for answers to frequently asked >questions: http://www.ipswitch.com/support/IMail/ > > >Please visit http://www.ipswitch.com/support/mailing-lists.html >to be removed from this list. > >An Archive of this list is available at: >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > >Please visit the Knowledge Base for answers to frequently asked >questions: http://www.ipswitch.com/support/IMail/ >--- >[This E-mail was scanned for viruses by http://www.intouchmi.com] > > --- [This E-mail was scanned for viruses by http://www.intouchmi.com] Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
