HOW THE HECK DO I GET OFF THIS LIST! IT SAYS MY EMAIL IS UNKNOWN WHEN I DID THE PROCEDURE TO GET OFF!
----- Original Message ----- From: "List Server" <[EMAIL PROTECTED]> Sent: Friday, March 28, 2003 3:07 AM Subject: [IMail_Forum DIGEST] > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 13:54:26 +0100 > From: Buchenauer Christian <[EMAIL PROTECTED]> > Subject: [IMail Forum] Need help interpreting Logs > Reply-To: [EMAIL PROTECTED] > Hi list > > First, thanks to the one who has posted the link to http://www.declude.com/info/logs.htm. > I have studied this and still have no clue about what is happening on my server. > > In the logs below, you will see that someone was able to: > 1) send mail from magnet.at to magnet.at without any smtp auth > 2) send mail from magnet.at to magnet.at and_a_third_address without any smtp auth > > The system is IMail 7.14 with "no mail relay" checked and "disable smtp auth" UNchecked. > Testing my mailserver using telnet shows this: > 220 cafe.ch (IMail 7.14 1883-1) NT-ESMTP Server X1 > ehlo > 250-cafe.ch says hello > 250-SIZE 28000000 > 250-8BITMIME > 250-DSN > 250-ETRN > 250-AUTH LOGIN CRAM-MD5 > 250-AUTH=LOGIN > 250 EXPN > mail from: [EMAIL PROTECTED] > 250 ok > rcpt to: [EMAIL PROTECTED] > 550 not local host magnet.at, not a gateway > > What is happening here? > > Thanks for any hints. > Chris > > The logs: > > Example #1: magnet.at sending to magnet.at: > > 20030326 094733 127.0.0.1 SMTPD (01680210) [195.65.117.14] connect My.Fire.Wall.IP port > 40916 > 20030326 094733 127.0.0.1 SMTPD (01680210) [My.Fire.Wall.IP] EHLO namenn6iahca77 > 20030326 094733 127.0.0.1 SMTPD (01680210) [My.Fire.Wall.IP] MAIL FROM: <[EMAIL PROTECTED]> > 20030326 094733 127.0.0.1 SMTPD (01680210) [My.Fire.Wall.IP] RCPT TO: <[EMAIL PROTECTED]> > 20030326 094733 127.0.0.1 SMTPD (01680210) [My.Fire.Wall.IP] > E:\Spool\D6925016802101ac4.SMD 608 > 20030326 094734 127.0.0.1 SMTP (409) processing E:\Spool\Q6925016802101ac4.SMD > 20030326 094739 127.0.0.1 SMTP (409) finished E:\Spool\Q6925016802101ac4.SMD status=1 > 20030326 094734 127.0.0.1 SMTP (409) processing E:\Spool\Q6925016802101ac4.SMD > 20030326 094734 127.0.0.1 SMTP (409) Trying magnet.at (0) > 20030326 094734 127.0.0.1 SMTP (409) Connect magnet.at [195.170.70.86:25] (1) > 20030326 094734 127.0.0.1 SMTP (409) 220 mail03.nextra.at ESMTP ready; Wed, 26 Mar 2003 > 09:47:25 +0100 (MET) > 20030326 094734 127.0.0.1 SMTP (409) >EHLO cafe.ch > 20030326 094734 127.0.0.1 SMTP (409) 250-mail.nextra.at Hello [195.65.117.14], pleased to > meet you > 20030326 094734 127.0.0.1 SMTP (409) 250-ENHANCEDSTATUSCODES > 20030326 094734 127.0.0.1 SMTP (409) 250-PIPELINING > 20030326 094734 127.0.0.1 SMTP (409) 250-8BITMIME > 20030326 094734 127.0.0.1 SMTP (409) 250-SIZE 20048000 > 20030326 094734 127.0.0.1 SMTP (409) 250-DSN > 20030326 094734 127.0.0.1 SMTP (409) 250-DELIVERBY > 20030326 094734 127.0.0.1 SMTP (409) 250 HELP > 20030326 094734 127.0.0.1 SMTP (409) >MAIL FROM:<[EMAIL PROTECTED]> > 20030326 094734 127.0.0.1 SMTP (409) 250 2.1.0 <[EMAIL PROTECTED]>... Sender ok > 20030326 094734 127.0.0.1 SMTP (409) >RCPT To:<[EMAIL PROTECTED]> > 20030326 094739 127.0.0.1 SMTP (409) 250 2.1.5 <[EMAIL PROTECTED]>... Recipient ok > 20030326 094739 127.0.0.1 SMTP (409) >DATA > 20030326 094739 127.0.0.1 SMTP (409) 354 Enter mail, end with "." on a line by itself > 20030326 094739 127.0.0.1 SMTP (409) >. > 20030326 094739 127.0.0.1 SMTP (409) 250 2.0.0 h2Q8lPUS029800 Message accepted for > delivery > 20030326 094739 127.0.0.1 SMTP (409) rdeliver magnet.at [EMAIL PROTECTED] (1) > <[EMAIL PROTECTED]> 608 > 20030326 094739 127.0.0.1 SMTP (409) >QUIT > 20030326 094739 127.0.0.1 SMTP (409) 221 2.0.0 mail.nextra.at closing connection > 20030326 094739 127.0.0.1 SMTP (409) finished E:\Spool\Q6925016802101ac4.SMD status=1 > > Example #2: magnet.at sending to magnet.at and hu.inter.net: > > 20030326 142528 127.0.0.1 SMTPD (5E2B0038) [195.65.117.14] connect My.Fire.Wall.IP port > 5502 > 20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] EHLO namenn6iahca77 > 20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] MAIL FROM: <[EMAIL PROTECTED]> > 20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] RCPT TO: <[EMAIL PROTECTED]> > 20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] RCPT TO: <[EMAIL PROTECTED]> > 20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] > E:\Spool\Daa485e2b00388c2e.SMD 2499 > 20030326 142529 127.0.0.1 SMTP (379) processing E:\Spool\Qaa485e2b00388c2e.SMD > 20030326 142532 127.0.0.1 SMTP (379) finished E:\Spool\Qaa485e2b00388c2e.SMD status=1 > 20030326 142529 127.0.0.1 SMTP (379) processing E:\Spool\Qaa485e2b00388c2e.SMD > 20030326 142529 127.0.0.1 SMTP (379) Trying magnet.at (0) > 20030326 142529 127.0.0.1 SMTP (379) Connect magnet.at [195.170.70.50:25] (1) > 20030326 142529 127.0.0.1 SMTP (379) 220 mail02.nextra.at ESMTP ready; Wed, 26 Mar 2003 > 14:25:20 +0100 (MET) > 20030326 142529 127.0.0.1 SMTP (379) >EHLO cafe.ch > 20030326 142529 127.0.0.1 SMTP (379) 250-mail.nextra.at Hello [195.65.117.14], pleased to > meet you > 20030326 142529 127.0.0.1 SMTP (379) 250-ENHANCEDSTATUSCODES > 20030326 142529 127.0.0.1 SMTP (379) 250-PIPELINING > 20030326 142529 127.0.0.1 SMTP (379) 250-8BITMIME > 20030326 142529 127.0.0.1 SMTP (379) 250-SIZE 20048000 > 20030326 142529 127.0.0.1 SMTP (379) 250-DSN > 20030326 142529 127.0.0.1 SMTP (379) 250-DELIVERBY > 20030326 142529 127.0.0.1 SMTP (379) 250 HELP > 20030326 142529 127.0.0.1 SMTP (379) >MAIL FROM:<[EMAIL PROTECTED]> > 20030326 142529 127.0.0.1 SMTP (379) 250 2.1.0 <[EMAIL PROTECTED]>... Sender ok > 20030326 142529 127.0.0.1 SMTP (379) >RCPT To:<[EMAIL PROTECTED]> > 20030326 142530 127.0.0.1 SMTP (379) 250 2.1.5 <[EMAIL PROTECTED]>... Recipient ok > 20030326 142530 127.0.0.1 SMTP (379) >DATA > 20030326 142530 127.0.0.1 SMTP (379) 354 Enter mail, end with "." on a line by itself > 20030326 142530 127.0.0.1 SMTP (379) >. > 20030326 142530 127.0.0.1 SMTP (379) 250 2.0.0 h2QDPKLP019444 Message accepted for > delivery > 20030326 142530 127.0.0.1 SMTP (379) rdeliver magnet.at [EMAIL PROTECTED] (1) > <[EMAIL PROTECTED]> 2499 > 20030326 142530 127.0.0.1 SMTP (379) >QUIT > 20030326 142531 127.0.0.1 SMTP (379) 221 2.0.0 mail.nextra.at closing connection > 20030326 142531 127.0.0.1 SMTP (379) Trying hu.inter.net (0) > 20030326 142531 127.0.0.1 SMTP (379) Connect hu.inter.net [213.73.102.13:25] (1) > 20030326 142531 127.0.0.1 SMTP (379) 220 clever.eusc.inter.net ESMTP Exim 3.36 #4 Wed, 26 > Mar 2003 14:25:22 +0100 > 20030326 142531 127.0.0.1 SMTP (379) >EHLO cafe.ch > 20030326 142531 127.0.0.1 SMTP (379) 250-clever.eusc.inter.net Hello cafe.ch > [195.65.117.14] > 20030326 142531 127.0.0.1 SMTP (379) 250-SIZE 26214400 > 20030326 142531 127.0.0.1 SMTP (379) 250-PIPELINING > 20030326 142531 127.0.0.1 SMTP (379) 250-AUTH PLAIN LOGIN CRAM-MD5 > 20030326 142531 127.0.0.1 SMTP (379) 250 HELP > 20030326 142531 127.0.0.1 SMTP (379) >MAIL FROM:<[EMAIL PROTECTED]> > 20030326 142531 127.0.0.1 SMTP (379) 250 <[EMAIL PROTECTED]> is syntactically correct > 20030326 142531 127.0.0.1 SMTP (379) >RCPT To:<[EMAIL PROTECTED]> > 20030326 142531 127.0.0.1 SMTP (379) 250 <[EMAIL PROTECTED]> verified > 20030326 142531 127.0.0.1 SMTP (379) >DATA > 20030326 142531 127.0.0.1 SMTP (379) 354 Enter message, ending with "." on a line by > itself > 20030326 142531 127.0.0.1 SMTP (379) >. > 20030326 142532 127.0.0.1 SMTP (379) 250 OK id=18yAuB-00056n-00 > 20030326 142532 127.0.0.1 SMTP (379) rdeliver hu.inter.net [EMAIL PROTECTED] (1) > <[EMAIL PROTECTED]> 2499 > 20030326 142532 127.0.0.1 SMTP (379) >QUIT > 20030326 142532 127.0.0.1 SMTP (379) 221 clever.eusc.inter.net closing connection > 20030326 142532 127.0.0.1 SMTP (379) finished E:\Spool\Qaa485e2b00388c2e.SMD status=1 > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 13:52:27 +0100 > From: "Roland Braun" <[EMAIL PROTECTED]> > Subject: Re: Re[2]: [IMail Forum] SQL and Imail external database > Reply-To: [EMAIL PROTECTED] > Hi, > > >Not quite any: there are syntactical differences that make some > >RDBMSs--for instance, Sybase SQLAnywhere (AFAIK) and > >MySQL--non-workable with the standard DLL. > > oops!?! > We use Sybase SQLAnywhere Studio 8.0.0, (now updated to 8.0.2) for one year together with IMail server 7.1x and WS FTP-Server 3.14 (each service on a separate machine) without any problems. All with the standard dll's;-) All machines are w2k sp3. Earlier it was Sybase AdaptiveServer Anywhere 6.0.x, and there where not problems too. > > Until today I didn't have heard about the mentioned syntactical differences. > > Roland > > -- > Dr. Roland Braun > Max Planck Institute for Comparative Public Law > and International Law > Im Neuenheimer Feld 535; D-69120 Heidelberg > Phone: +49 6221 482 608; Fax: +49 6221 482 278 > > > > > > -- > Dr. Roland Braun > Max Planck Institute for Comparative Public Law > and International Law > Im Neuenheimer Feld 535; D-69120 Heidelberg > Phone: +49 6221 482 608; Fax: +49 6221 482 278 > > > ---------- Original Message ---------------------------------- > From: Sanford Whiteman <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > Date: Wed, 26 Mar 2003 18:21:27 -0500 > > >> Unless I'm missing something, I believe the ODBC drivers should work with > >> *any* ODBC data source. > > > >Not quite any: there are syntactical differences that make some > >RDBMSs--for instance, Sybase SQLAnywhere (AFAIK) and > >MySQL--non-workable with the standard DLL. > > > >I don't know about DB2, but testing would soon show whether it > >works--if it works in the lab for all IMail functions, including table > >auto-creation, that should do it (leaving aside loaded performance > >issues, of course). > > > >-Sandy > > > > > >------------------------------------ > >Sanford Whiteman, Chief Technologist > >Broadleaf Systems, a division of > >Cypress Integrated Systems, Inc. > >e-mail: [EMAIL PROTECTED] > >------------------------------------ > > > > > >To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > >List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > >Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 08:25:34 -0500 > From: "R. Scott Perry" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Need help interpreting Logs > Reply-To: [EMAIL PROTECTED] > > >The system is IMail 7.14 with "no mail relay" checked and "disable smtp > >auth" UNchecked. > > You actually helped us find the problem by removing the IP of your firewall: > > >20030326 142528 127.0.0.1 SMTPD (5E2B0038) [195.65.117.14] connect > >My.Fire.Wall.IP port 5502 > >20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] EHLO > >namenn6iahca77 > >20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] MAIL > >FROM: <[EMAIL PROTECTED]> > >20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] RCPT > >TO: <[EMAIL PROTECTED]> > >20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] RCPT > >TO: <[EMAIL PROTECTED]> > >20030326 142528 127.0.0.1 SMTPD (5E2B0038) [My.Fire.Wall.IP] > >E:\Spool\Daa485e2b00388c2e.SMD 2499 > > Your firewall is acting as an SMTP server -- in almost all cases, this is a > bad thing, and causes problems (or worse, it may be a "reverse firewall" > that is protecting the Internet from you, but not protecting you from the > Internet). > > So spammers aren't connecting to your mailserver -- they are connecting to > your firewall's mailserver, which is allowing them to spam! You'll need to > either remove the firewall (which will improve security in this case, as > far as mail is concerned), or fix it so that it doesn't interfere with > SMTP, or get it to handle anti-relay. > > -Scott > --- > Declude JunkMail: The advanced anti-spam solution for IMail mailservers. > Declude Virus: Catches both viruses and vulnerabilities in E-mail, with no > annual licensing fees. > > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 15:19:33 +0100 > From: Buchenauer Christian <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Need help interpreting Logs > Reply-To: [EMAIL PROTECTED] > Scott, > > > You actually helped us find the problem by removing the IP of your firewall > Well, it is 195.65.117.4 > > Your hint about the Firewall helped to find out what was going on: After looking through the > FW-logs I see that the traffic originates from the inside (someone checking a pop3-box in > .at and sending messages with this particular sender address). It was no spammer / no relaying > then. > > However, I still can't see any smtp-authentication for these SMTPD processes. > > Is it possible that the smtp authentication has its own process identifier, different from the > identifier we see in the rest of the transaction? > > Thanks > Chris > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 09:38:53 -0500 > From: "R. Scott Perry" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Need help interpreting Logs > Reply-To: [EMAIL PROTECTED] > > >However, I still can't see any smtp-authentication for these SMTPD processes. > > If you use "Relay for Addresses", SMTP AUTH isn't needed for the IPs that > you list as trusted IPs. So anyone coming via the firewall mailserver will > not need to use SMTP AUTH (assuming you have the IP of the firewall listed > as one of the trusted IPs). > > >Is it possible that the smtp authentication has its own process > >identifier, different from the > >identifier we see in the rest of the transaction? > > I do believe that the SMTP AUTH log file entries do use a different process > identifier than is used for the rest of the transaction. > > -Scott > --- > Declude JunkMail: The advanced anti-spam solution for IMail mailservers. > Declude Virus: Catches both viruses and vulnerabilities in E-mail, with no > annual licensing fees. > > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 08:54:46 -0600 > From: John Carter <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Can someone translate this for me please > Reply-To: [EMAIL PROTECTED] > I believe it will look something like this: > 03:24 07:39 SMTPD(00000210) Authenticated [EMAIL PROTECTED], session > treated as local. > > John > > > Patrick Childers wrote: > > >>(reason: 552-Postilaatikon maksimikapasiteetti ylitetty!) > >> > >> > >> > > > >Their mailbox is full. :) > > > >********************************** > > > >SMTP REPLY CODES > > > >211 System status, or system help reply > > > >214 Help message > >(Information on how to use the receiver or the meaning of a particular > >non-standard command; this reply is useful only to the human user) > > > >220 Service ready > > > >221 Service closing transmission channel > > > >250 Requested mail action okay, completed > > > >251 User not local; will forward to > > > >354 Start mail input; end with . > > > >421 Service not available, closing transmission channel > >(This may be a reply to any command if the service knows it must shut down) > > > >450 Requested mail action not taken: mailbox unavailable > >(E.g., mailbox busy) > > > >451 Requested action aborted: local error in processing > > > >452 Requested action not taken: insufficient system storage > > > >500 Syntax error, command unrecognized > >(This may include errors such as command line too long) > > > >501 Syntax error in parameters or arguments > > > >502 Command not implemented > > > >503 Bad sequence of commands > > > >504 Command parameter not implemented > > > >550 Requested action not taken: mailbox unavailable > >(E.g., mailbox not found, no access) > > > >551 User not local; please try > > > >552 Requested mail action aborted: exceeded storage allocation > > > >553 Requested action not taken: mailbox name not allowed > >(E.g., mailbox syntax incorrect) > > > >554 Transaction failed (Or, in the case of a connection-opening response, > >"No SMTP service here") > > > > > >--- > >[This E-mail scanned for viruses by Declude/McAfee] > > > > > >To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > >List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > >Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > > > > > > > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 09:59:42 -0500 > From: "Dave MacMillan" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] listserver aliases > Reply-To: [EMAIL PROTECTED] > > http://support.ipswitch.com/kb/IM-19991019-DM01.htm > IMail - How to use a Program Alias to add subscribers to a list server > mail list > > Dave > > > In reply to 26 Mar message from [EMAIL PROTECTED]: > > >Is it possible to streamline an unsubscribe request without > >requiring a user to reply to "[EMAIL PROTECTED]" with the text > >"unsubscribe listname"? > > >If it's any more convoluted than the user simply replying to the > >email is it really a listserver?! > > >Ideally, I'd like to try writing an alias that would mitigate > >this issue, so a user could just reply to the list with the word > >"unsubscribe" in the subject or the body and be removed, but this > >doesn't seem to work. The list I'm setting up is modera ted, > >allowing unsubscribes on the subject line and disabling list > >commands for anything but unsubscribes. > > >Someone, please kick me a clue (imailsrv reference link, alias > >example, link to a real listserver product)? > > >To Unsubscribe: > >http://www.ipswitch.com/support/mailing-lists.html List Archive: > >http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > >Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > ---------------------------------------------------------------------- > > From: "Michael" <[EMAIL PROTECTED]> > Subject: [IMail Forum] Directing to a certain page > Date: Thu, 27 Mar 2003 17:24:22 +0200 > Reply-To: [EMAIL PROTECTED] > This is a multi-part message in MIME format. > > ------=_NextPart_000_0104_01C2F485.B542B230 > Content-Type: text/plain; > charset="windows-1256" > Content-Transfer-Encoding: quoted-printable > > Can I make new template with new pages rather than the existing = > template? or Can I force the system of IMail to go to a certain page?=20 > For example: I need to go to msgsum.html directly instead of menu.html = > after login, and so forth.. > Actually I don't know where the processing in the pages occur( like = > verifying userid and password in login, sending mail and so..) > > Any suggestions will be appreciated > > Thanks > > Michael > [EMAIL PROTECTED] > www.MakingSites.com > > ------=_NextPart_000_0104_01C2F485.B542B230 > Content-Type: text/html; > charset="windows-1256" > Content-Transfer-Encoding: quoted-printable > > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> > <HTML><HEAD> > <META http-equiv=3DContent-Type content=3D"text/html; = > charset=3Dwindows-1256"> > <META content=3D"MSHTML 5.50.4922.900" name=3DGENERATOR> > <STYLE></STYLE> > </HEAD> > <BODY bgColor=3D#ffffff> > <DIV><FONT face=3DArial size=3D2>Can I make new template with new pages = > rather than=20 > the existing template? or </FONT><FONT face=3DArial size=3D2>Can I force = > the system=20 > of IMail to go to a certain page? </FONT></DIV> > <DIV><FONT face=3DArial size=3D2>For example: I need to go to = > msgsum.html directly=20 > instead of menu.html after login, and so forth..</FONT></DIV> > <DIV><FONT face=3DArial size=3D2>Actually I don't know where the = > processing in the=20 > pages occur( like verifying userid and password in login, sending mail = > and=20 > so..)</FONT></DIV> > <DIV><FONT face=3DArial size=3D2></FONT> </DIV> > <DIV><FONT face=3DArial size=3D2>Any suggestions will be = > appreciated</FONT></DIV> > <DIV><FONT face=3DArial size=3D2></FONT> </DIV> > <DIV><FONT face=3DArial size=3D2>Thanks</FONT></DIV> > <DIV><B><FONT face=3Dverdana color=3D#004080></FONT></B> </DIV> > <DIV><B><FONT face=3Dverdana color=3D#004080>Michael</FONT></B><BR><FONT = > > color=3D#713500><A=20 > href=3D"mailto:[EMAIL PROTECTED]">[EMAIL PROTECTED]</A>= > <BR><A=20 > href=3D"http://www.MakingSites.com";>www.MakingSites.com</A><BR></DIV></FO= > NT></BODY></HTML> > > ------=_NextPart_000_0104_01C2F485.B542B230-- > > ---------------------------------------------------------------------- > > From: "Rick Leske" <[EMAIL PROTECTED]> > Subject: [IMail Forum] [OT] Recent Update causing firewall to trigger > Date: Thu, 27 Mar 2003 10:15:13 -0600 > Reply-To: [EMAIL PROTECTED] > I've recently updated our systems with the 331953: Security Update (Windows > XP) > > After reboot my firewall triggered: > > Connection attempt Firewall protection 03/27/03 09:47:02 Blocked > Application: C:\WINDOWS\SYSTEM32\rundll32.exe > Connection attempt Firewall protection 03/27/03 09:47:02 Blocked > Application: C:\WINDOWS\SYSTEM32\rundll32.exe > > > Both of these port 80 outbound connections were attempted to 207.46.197.121 > and 207.46.134.94 respectively. > > My Question is what information are you trying to secretly obtain from my > computer? > > > Rick Leske > CIA > FamHost > > ___________________________________________________________________ > Virus Scanned and Filtered by http://www.FamHost.com E-Mail System. > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 11:29:45 -0500 > From: Sanford Whiteman <[EMAIL PROTECTED]> > Subject: Re[4]: [IMail Forum] SQL and Imail external database > Reply-To: [EMAIL PROTECTED] > > oops!?! We use Sybase SQLAnywhere Studio 8.0.0, (now updated to > > 8.0.2) for one year together with IMail server 7.1x and WS > > FTP-Server 3.14 (each service on a separate machine) without any > > problems. All with the standard dll's;-) All machines are w2k sp3. > > Earlier it was Sybase AdaptiveServer Anywhere 6.0.x... > > Tthis is with original SQLAnywhere, e.g. v5.0. > > -Sandy > > > ------------------------------------ > Sanford Whiteman, Chief Technologist > Broadleaf Systems, a division of > Cypress Integrated Systems, Inc. > e-mail: [EMAIL PROTECTED] > ------------------------------------ > > ---------------------------------------------------------------------- > > From: "Bill Landry" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] [OT] Recent Update causing firewall to trigger > Date: Thu, 27 Mar 2003 08:38:18 -0800 > Reply-To: [EMAIL PROTECTED] > ----- Original Message ----- > From: "Rick Leske" <[EMAIL PROTECTED]> > To: "Iis5" <[EMAIL PROTECTED]>; "IMail_Forum" > <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Thursday, March 27, 2003 8:15 AM > Subject: [IMail Forum] [OT] Recent Update causing firewall to trigger > > > > I've recently updated our systems with the 331953: Security Update > (Windows > > XP) > > > > After reboot my firewall triggered: > > > > Connection attempt Firewall protection 03/27/03 09:47:02 Blocked > > Application: C:\WINDOWS\SYSTEM32\rundll32.exe > > Connection attempt Firewall protection 03/27/03 09:47:02 Blocked > > Application: C:\WINDOWS\SYSTEM32\rundll32.exe > > > > > > Both of these port 80 outbound connections were attempted to > 207.46.197.121 > > and 207.46.134.94 respectively. > > > > My Question is what information are you trying to secretly obtain from my > > computer? > > Who is the "you" that you are referring to in your question above? If you > look up the IP addresses you referrence above, you will find that they > belong to: > > Name: wustat.windows.com > Address: 207.46.197.121 > > Name: windowsupdate.com > Address: 207.46.134.94 > > Bill > > ---------------------------------------------------------------------- > > From: "Darrell LaRock" <[EMAIL PROTECTED]> > Subject: [IMail Forum] Upgrading From 1000 Users To Unlimited > Date: Thu, 27 Mar 2003 11:59:33 -0500 > Reply-To: [EMAIL PROTECTED] > I am going to be upgrading our mail server from 1000 users to Unlimited > here within the next week or so. > > 1.) Can anyone tell me what's involved with this upgrade? Is their > anything you have to do or modify? > 2.) As far as I know all I have to purchase is the 1000 User Upgrade To > Unlimited AND the 1000 user service level agreement upgrade to unlimited > user service level agreement. > > Darrell > > > ---------------------------------------------------------------------- > > From: "Sharyn Schmidt" <[EMAIL PROTECTED]> > Subject: [IMail Forum] Weird Web Messaging behaviour verdict from IMAIL tech support > Date: Thu, 27 Mar 2003 12:00:56 -0500 > Reply-To: [EMAIL PROTECTED] > This was the response I received after explaining to their tech support > what I discovered from this list and asking if IMAIL had a fix.... > > > "Microsoft broke HTML standards with that stationary. > > At present there's nothing we can do to fix it, other than forwarding > the message back to yourself or creating a rule at the domain level that > searches for the incomplete HTML tag and captures the message so the > users don't get blank emails." > > > If anyone figures out a fix for this other than recoding MS's > stationary, please let me know as this is an issue that is going to crop > up for us over and over. > > Thanks! > Sharyn > > > We are the worldwide producer and marketer of the award winning Cruzan > Single Barrel Rum, judged "Best in the World" at the annual > San Francisco Wine and Spirits Championships. For > more information, please click (go to) <html><a href="http://www.cruzanrums.com";>www.cruzanrums.com</a></html> > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 12:22:26 -0500 > From: "R. Scott Perry" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Directing to a certain page > Reply-To: [EMAIL PROTECTED] > > >Can I make new template with new pages rather than the existing template? > >or Can I force the system of IMail to go to a certain page? > >For example: I need to go to msgsum.html directly instead of menu.html > >after login, and so forth.. > > I don't believe you can just add your own web pages that IMail will serve. > > However, I had done some web messaging work a couple years ago, and I > believe I had it set up to go to msgsum.html instead of menu.html (it may > have been through a JavaScript redirect?). > > -Scott > --- > Declude JunkMail: The advanced anti-spam solution for IMail mailservers. > Declude Virus: Catches both viruses and vulnerabilities in E-mail, with no > annual licensing fees. > > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > ---------------------------------------------------------------------- > > From: "Rick Leske" <[EMAIL PROTECTED]> > Subject: RE: [IMail Forum] [OT] Recent Update causing firewall to trigger > Date: Thu, 27 Mar 2003 11:30:51 -0600 > Reply-To: [EMAIL PROTECTED] > sorry bill was suppose to go to list as an [OT] off topic CC > > ~Rick > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Bill Landry > > Sent: Thursday, March 27, 2003 10:38 AM - FamHost > > To: [EMAIL PROTECTED] > > Subject: Re: [IMail Forum] [OT] Recent Update causing firewall to > > trigger > > > > > > ----- Original Message ----- > > From: "Rick Leske" <[EMAIL PROTECTED]> > > To: "Iis5" <[EMAIL PROTECTED]>; "IMail_Forum" > > <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > > <[EMAIL PROTECTED]> > > Sent: Thursday, March 27, 2003 8:15 AM > > Subject: [IMail Forum] [OT] Recent Update causing firewall to trigger > > > > > > > I've recently updated our systems with the 331953: Security Update > > (Windows > > > XP) > > > > > > After reboot my firewall triggered: > > > > > > Connection attempt Firewall protection 03/27/03 09:47:02 Blocked > > > Application: C:\WINDOWS\SYSTEM32\rundll32.exe > > > Connection attempt Firewall protection 03/27/03 09:47:02 Blocked > > > Application: C:\WINDOWS\SYSTEM32\rundll32.exe > > > > > > > > > Both of these port 80 outbound connections were attempted to > > 207.46.197.121 > > > and 207.46.134.94 respectively. > > > > > > My Question is what information are you trying to secretly > > obtain from my > > > computer? > > > > Who is the "you" that you are referring to in your question above? If you > > look up the IP addresses you referrence above, you will find that they > > belong to: > > > > Name: wustat.windows.com > > Address: 207.46.197.121 > > > > Name: windowsupdate.com > > Address: 207.46.134.94 > > > > Bill > > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > ___________________________________________________________________ > > Virus Scanned and Filtered by http://www.FamHost.com E-Mail System. > > > > > > ___________________________________________________________________ > Virus Scanned and Filtered by http://www.FamHost.com E-Mail System. > > ---------------------------------------------------------------------- > > From: Dustin Freeman <[EMAIL PROTECTED]> > Subject: [IMail Forum] imail hostname vs dns name > Date: Thu, 27 Mar 2003 14:47:01 -0500 > Reply-To: [EMAIL PROTECTED] > we just installed a new installation of iMail 7.14 > we would like to have the iMail virtual host name (imail.domain.com) be > different than the DNS host name (webmail.domain.com) iMail appears to > require the hostname to be identical to the DNS hostname. > Any work around for this? > > Thanks > Dustin > > ---------------------------------------------------------------------- > > From: "Ives Stoddard" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] imail hostname vs dns name > Date: Thu, 27 Mar 2003 16:33:26 -0500 > Reply-To: [EMAIL PROTECTED] > Dustin, > > While they don't have to be the same, you do have to make sure that all DNS > records resolve to the correct names and IP addresses from the view of all > email servers (including the external world with your reverse PTR lookups > for your external IP address as it should match the host name for your mail > server, otherwise remote mail servers might reject your email thinking it's > SPAM). > > In short, you can use the domain/host alias field if the domain name and > host are different (almost necessary in peered server configurations). > > Be advised that in some cases you may need manually add a line to your > server's "HOSTS" file (\<win>\system32\drivers\etc\HOSTS). > > There are couple links on Ipswitches support site that might help... > > http://www.ipswitch.com/support/IMail/guide/imailug7.1/Chapter%203%20config6 > .html > http://www.ipswitch.com/support/IMail/guide/imailug7.1/Appendix%20I%20dns3.h > tml > http://www.ipswitch.com/support/IMail/guide/imailug7.1/Appendix%20I%20dns4.h > tml > > For more links, go to... "http://jabba.ipswitch.com/query.html"; and > enter... "host name | imail" in the search field for more links on > Ipswitches site. > > -ives > > > ----- Original Message ----- > From: "Dustin Freeman" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, March 27, 2003 2:47 PM > Subject: [IMail Forum] imail hostname vs dns name > > > > we just installed a new installation of iMail 7.14 > > we would like to have the iMail virtual host name (imail.domain.com) be > > different than the DNS host name (webmail.domain.com) iMail appears to > > require the hostname to be identical to the DNS hostname. > > Any work around for this? > > > > Thanks > > Dustin > > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > ---------------------------------------------------------------------- > > From: "Darrell LaRock" <[EMAIL PROTECTED]> > Subject: [IMail Forum] Server Mirroring (Second NIC) Question > Date: Thu, 27 Mar 2003 17:10:30 -0500 > Reply-To: [EMAIL PROTECTED] > > Many people have reported that they had problems with high end network > cards. We are going to embark on a server mirroring project that will > place a second NIC (Gigabit) and have a cable that will run between the > two servers. My intention is that the replication will occur over that > connection. > > Has anyone had any problems with second operation nics in Imail? > Has anyone done a similar configuration like this? > > Darrell > > > ---------------------------------------------------------------------- > > From: "Travis Rabe" <[EMAIL PROTECTED]> > Subject: RE: [IMail Forum] Server Mirroring (Second NIC) Question > Date: Thu, 27 Mar 2003 14:22:16 -0800 > Reply-To: [EMAIL PROTECTED] > I have had problems with *ANY* Gigabit NIC; however,my problem was limited > to Dell servers. > > Travis > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Darrell LaRock > > Sent: Thursday, March 27, 2003 2:11 PM > > To: [EMAIL PROTECTED] > > Subject: [IMail Forum] Server Mirroring (Second NIC) Question > > > > > > > > Many people have reported that they had problems with high end network > > cards. We are going to embark on a server mirroring project that will > > place a second NIC (Gigabit) and have a cable that will run between the > > two servers. My intention is that the replication will occur over that > > connection. > > > > Has anyone had any problems with second operation nics in Imail? > > Has anyone done a similar configuration like this? > > > > Darrell > > > > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 17:16:33 -0600 > From: "Sean P. Malone" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Secure IMAP/POP > Reply-To: [EMAIL PROTECTED] > Ives, > > This is encouraging news to me. As you know, in terms of POP3 clients, such as Outlook, the Imail POP3 service cannot be configured to use SSL. Thus, even if Kerberos is keeping NT/AD usernames and passwords from flying around your network in clear-text, the second someone checks their email with a standard POP3 client the information is sent to Imail POP3 in the clear. So much for security...just set a sniffer to scan all POP3 traffic that contains "user" and "pass". > > Can you clarify, with your experience with this product you mention below (I beleive they are called SSL offloaders), could one set this appliance infront of the mail server to eliminate POP3 passwords from being sent through the internal network in the clear? Thus providing a enternal end-to-end tunel from the POP3 client to the SSL offloader - which I'm guessing has one port that leads to the network and another that links right into the Imail server. > > Thanks! > > Sean > ---------- Original Message ---------------------------------- > From: "Ives Stoddard" <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > Date: Tue, 25 Mar 2003 17:05:58 -0500 > > >We use the hardware SSL product from from SonicWall (actually we've got the CISCO version, but SonicWall makes the internals - SonicWall should be the cheaper of the two), where you can put any port or service behind SSL. > > > >We were forced to use SSL for POP, IMAP, SMTP because we use NT/AD authentication (for single user/pass auth to all our internal systems). We couldn't use IMail's SSL because of the poor performance when you reach a large number of users. If you're looking for an excellent solution, that's the way to go unless a new competitor has a cheaper product available (SonicWall and CISCO aren't cheap - the investment is worth it if you need the security and performance). > > > >Regards, > > > >Ives > > ----- Original Message ----- > > From: Paul Kildee > > To: [EMAIL PROTECTED] > > Sent: Tuesday, March 25, 2003 3:48 PM > > Subject: SPAM: The Below EMail May Be SPAM ----- [IMail Forum] Secure IMAP/POP > > > > > > Has anyone worked out a better solution to IMAP or POP via a SSL connection besides the Stunnel program? > > > > Paul > > > ---------------------------------------------------------------------- > > From: "John Tolmachoff" <[EMAIL PROTECTED]> > Subject: RE: [IMail Forum] Secure IMAP/POP > Date: Thu, 27 Mar 2003 15:58:10 -0800 > Reply-To: [EMAIL PROTECTED] > > This is encouraging news to me. As you know, in terms of POP3 = > clients, > such as > > Outlook, the Imail POP3 service cannot be configured to use SSL. = > Thus, > even if > > Kerberos is keeping NT/AD usernames and passwords from flying around = > your > > network in clear-text, the second someone checks their email with a > standard > > POP3 client the information is sent to Imail POP3 in the clear. So = > much > for > > security...just set a Sniffer to scan all POP3 traffic that contains > "user" and "pass". > > I am not sure that is accurate. > > When testing the recent discussion about long addresses, when viewing = > the > logs, the user name and password were encrypted to some extent by = > Outlook. > Now, I did not do a NetMon session on the receiving server to check what = > was > actually received, but the POP3 log by Outlook showed it encrypted. > > John Tolmachoff MCSE, CSSA > IT Manager, Network Engineer > RelianceSoft, Inc. > Fullerton, CA 92835 > www.reliancesoft.com > > > > ---------------------------------------------------------------------- > > From: "Jerry Murdock" <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Secure IMAP/POP > Date: Thu, 27 Mar 2003 20:02:26 -0500 > Reply-To: [EMAIL PROTECTED] > No. Don't know what Outlook is doing with it's logs, but POP3 User/Pass > are both plain text over the wire. You need APOP or SSL to keep the POP > password from passing in clear text. > > Jerry > > ---- Original Message ----- > From: "John Tolmachoff" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, March 27, 2003 6:58 PM > Subject: RE: [IMail Forum] Secure IMAP/POP > > > > This is encouraging news to me. As you know, in terms of POP3 clients, > such as > > Outlook, the Imail POP3 service cannot be configured to use SSL. Thus, > even if > > Kerberos is keeping NT/AD usernames and passwords from flying around > your > > network in clear-text, the second someone checks their email with a > standard > > POP3 client the information is sent to Imail POP3 in the clear. So much > for > > security...just set a Sniffer to scan all POP3 traffic that contains > "user" and "pass". > > I am not sure that is accurate. > > When testing the recent discussion about long addresses, when viewing the > logs, the user name and password were encrypted to some extent by Outlook. > Now, I did not do a NetMon session on the receiving server to check what > was > actually received, but the POP3 log by Outlook showed it encrypted. > > John Tolmachoff MCSE, CSSA > IT Manager, Network Engineer > RelianceSoft, Inc. > Fullerton, CA 92835 > www.reliancesoft.com > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 20:20:07 -0500 > From: Sanford Whiteman <[EMAIL PROTECTED]> > Subject: Re[2]: [IMail Forum] Secure IMAP/POP > Reply-To: [EMAIL PROTECTED] > > Ives, > > > ...Thus, even if Kerberos is keeping NT/AD usernames and passwords > > from flying around your network in clear-text, the second someone > > checks their email with a standard POP3 client the information is > > sent to Imail POP3 in the clear... > > Not so. IMail offers APOP authentication, which will prevent this > level of compromise. However, the data itself, unless encrypted > separately, will still travel in the clear. > > What you should also be thinking about is individual threat > assessment. Are you worried about end users sniffing the wire? Then > use a fully switched network, which will surely cost less to implement > and support than a tunneling appliance! Or are you worried about > sniffing by sysadmins who have switchroom access, but don't otherwise > have access to the mail server infrastructure? > > > ...could one set this appliance infront of the mail server to > > eliminate POP3 passwords from being sent through the internal > > network in the clear? Thus providing a enternal end-to-end tunel > > from the POP3 client to the SSL offloader which I'm guessing has one > > port that leads to the network and another that links right into the > > Imail server. > > You don't need a physically isolated subnet. Once the tunnel is set > up, it could traverse multiple shared or switched links. > > -Sandy > > > ------------------------------------ > Sanford Whiteman, Chief Technologist > Broadleaf Systems, a division of > Cypress Integrated Systems, Inc. > e-mail: [EMAIL PROTECTED] > ------------------------------------ > > ---------------------------------------------------------------------- > > Date: Thu, 27 Mar 2003 23:01:30 -0600 > From: "mybb " <[EMAIL PROTECTED]> > Subject: [IMail Forum] calendar and web code > Reply-To: [EMAIL PROTECTED] > Hi > > I have been trying for several days to figure out why I do not have access to userdirectory or topdirectory within the calendar area. > > I have tried adding the lstLocalAddr to the functions cgi and defining it as the domain and then using ical.topdirectory but it never returns a value. I have tried passing it in the url and then adding the topdirectory in my code and I have been unsuccessful. > > On the same note, I have tried to access some of the calendar information in the email side and have not been able to do that. > > Has anyone tried this? can anyone offer a suggestion or answer as to how I can get the information from that function on the calendar side? > > thanks in advance. > Karen > ---------------------------------------------------------------------- > > From: "David" <[EMAIL PROTECTED]> > Subject: [IMail Forum] Strange message > Date: Fri, 28 Mar 2003 08:19:19 +0200 > Reply-To: [EMAIL PROTECTED] > Hi all! > > I am running Imail 7.15. I just noticed this message: > > IWEBMSG (808) Web Error 192.168.48.81 0 - open failed for > C:\IMail\Web\robots.txt. (IP has been changed) > > Has anyone heard of robots.txt? > > > Thanks, > > David > > ---------------------------------------------------------------------- > > Date: Fri, 28 Mar 2003 16:58:47 +1030 > From: Evan Pearce <[EMAIL PROTECTED]> > Subject: Re: [IMail Forum] Strange message > Reply-To: [EMAIL PROTECTED] > On 28/03/2003 at 16:49:19, David wrote: > > > Has anyone heard of robots.txt? > > It's used by responsible web spiders (eg search engines). Pages listed > in robots.txt are avoided by the spider. > > http://www.robotstxt.org/wc/norobots.html has a bit more detail. > > Cheers, > Evan > > ---------------------------------------------------------------------- > > From: "Tom" <[EMAIL PROTECTED]> > Subject: RE: [IMail Forum] Strange message > Date: Fri, 28 Mar 2003 01:36:07 -0500 > Reply-To: [EMAIL PROTECTED] > > > Has anyone heard of robots.txt? > > Yes, it was designed for the search engines. It basically tells > the search engine robots as their called what to look at and > what not to look at. Some search engines do not use it. > AltaVista.com uses this and should provide an informational > link about the file. > > Regards, > Tom > Image`fx > > ---------------------------------------------------------------------- > > From: "David" <[EMAIL PROTECTED]> > Subject: RE: [IMail Forum] Strange message > Date: Fri, 28 Mar 2003 08:48:54 +0200 > Reply-To: [EMAIL PROTECTED] > But what does IWEBMSG have to do with robots.txt? > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Evan Pearce > Sent: Friday, 28 March, 2003 08:29 > To: David > Subject: Re: [IMail Forum] Strange message > > > On 28/03/2003 at 16:49:19, David wrote: > > > Has anyone heard of robots.txt? > > It's used by responsible web spiders (eg search engines). Pages listed > in robots.txt are avoided by the spider. > > http://www.robotstxt.org/wc/norobots.html has a bit more detail. > > Cheers, > Evan > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
