I just want to re-clarify something that I mentioned before in relation
to the vulnerability and gateways.
The only way that one can prevent the exploit on an exploitable copy it
to turn off the SMTP service or prevent all external traffic. This is
not an option for most running IMail. Those affected are best served in
relation to the vulnerability by upgrading to a fixed version. All a
script kiddie needs to do is point their exploit script at your
unprotected server's IP and it's toast. A gateway can't prevent that
from happening.
The gateways are great ways to displace the vast majority of trash from
getting to a mail server, and they do help prevent other issues such as
malformed messages from crashing things like Queue Manager, or
protecting servers from being overloaded, and allowing one to use much
more CPU aggressive filtering at a deep-scanning layer since there is
less to scan. There are a host of other advantages too that are not as
universal or independent to one particular product or another.
Matt
Chris Moody wrote:
S'Okay. :)
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mike Callahan
Sent: Wednesday, November 01, 2006 10:58 AM
To: Imail_Forum@list.ipswitch.com
Subject: RE: [IMail Forum] Update for SMTP vulnerability in 8.22
Oops, never mind. I misread the previous message. You were offering
these as examples and advising to choose ONE, not use them all. ;-)
That makes sense. *self-administered dope slap in progress*
~M
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Chris Moody
Sent: Friday, October 27, 2006 12:31 PM
To: Imail_Forum@list.ipswitch.com
Subject: RE: [IMail Forum] Update for SMTP vulnerability in 8.22
ASSP, IMGATE, , Barracuda and Alligate all sit in front of the mail
server and act as a gateway. If you keep your mail server otherwise
firewalled and have one of these products out in front then the
vulnerability is mitigated (from external sources).
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Friday, October 27, 2006 12:28 PM
To: Imail_Forum@list.ipswitch.com
Subject: RE: [IMail Forum] Update for SMTP vulnerability in 8.22
So am I to understand that ASSP somehow prevents the vulnerabtility from
being a problem?
Mike N
FXOL
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/