When I did the upgrade from 8.15 to 8.22 many moons ago from what I remember
it was fairly painless.
John T
eServices For You
Life is a succession of lessons which must be lived to be understood.
Ralph Waldo Emerson (1802-1882)
-Original Message-
From: [EMAIL PROTECTED]
Darin,
When I did the upgrade from 8.15 to 8.22 many moons ago from
what I remember
it was fairly painless.
John T
eServices For You
Same here. No problem that I recall.
Michael Thomas
Mathbox
978-683-6718
1-877-MATHBOX (Toll Free)
To Unsubscribe:
Is Ipswitch planning to check/fix prior 8.22 versions?
Any SMTP update for 8.15 will work in 8.05??
If i understand correctly, SMTP was fully rewrited in 8.22, so is same in
8.05 and 8.15
Thxs,
Pere Ginabreda
-Mensaje original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] nombre de
Yes, there were differences in the SMTP service between 8.0x and 8.1x.
John T
eServices For You
Life is a succession of lessons which must be lived to be understood.
Ralph Waldo Emerson (1802-1882)
-Original Message-
From: [EMAIL PROTECTED] [mailto:Imail_Forum-
[EMAIL PROTECTED] On
Thanks very much.
We already updated our servers and i advised all our
customers to do same.
--Mit freundlichen
GrüssenMerlin
ConsultingMartin SchaibleBahnhofstrasse 27CH-8702
ZollikonPhone: +41 44 391 30
00Fax: +41 44 391 32
49Mail:
Since you have an SA you should have a key for 8.22. You can download 8.22
from our support pages and there is a link in the KB article I posted as
well.
Tripp
- Original Message -
From: Darin Cox [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006
Hi,
This is not really correct. If you have a subscription, you have a serial
key for Imail 2006. To get a key für Imail 8.22, the customer service must
be asked.
Use this form:
http://www.ipswitch.com/support/email_service.asp
--
Mit freundlichen Grüssen
any news about planning to check/fix prior 8.22 versions?
will Kevin Gillis answer this (and here)?
marc
At 09:36 27.10.2006, you wrote:
Is Ipswitch planning to check/fix prior 8.22 versions?
Any SMTP update for 8.15 will work in 8.05??
If i understand correctly, SMTP was fully rewrited in
No one as answered this question yet. I'm thinking of switching to another
email server. I would like to know if Calendar sharing can be done as if
Outlook was attached to an exchange server. Not the current way it is done
on 8.12. If 2006.1 suite can do this that would save me time and money
Not to put too fine a point on it and I don't want to seem as though I'm bashing Ipswitch unnecessarily, but being forced to upgrade due to a problem of this nature is irksome. One of the problems I'll need to deal with might seem rather minuscule to you...
We totally customize the login screens
Thanks for the update - this was squeezing some people too tightly to make
the jump from 8.22 to 2006.1 in time.
- Original Message -
From: Tripp Allen
Sent: Thursday, October 26, 2006 9:56 PM
Subject: [IMail Forum] Update for SMTP vulnerability in 8.22
The steps and files to update
I talked to Kevin Gillis. The short answer is no patch for anything older than 8.22.- Original Message From: marc [EMAIL PROTECTED]To: Imail_Forum@list.ipswitch.comSent: Friday, October 27, 2006 4:51:00 AMSubject: RE: [IMail Forum] Update for SMTP vulnerability in 8.22any news about
Many Thanks, Tripp.
Darin.
- Original Message -
From: Tripp Allen [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 6:59 AM
Subject: Re: [IMail Forum] SMTP Exploit Scanning Going on NOW
Since you have an SA you should have a key for 8.22. You can
Thanks, John and Michael. I didn't figure there would be much of anything,
but figured I'd ask to be safe.
Darin.
- Original Message -
From: Michael Thomas - Mathbox [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 2:39 AM
Subject: RE: [IMail Forum]
Hi Kevin,
Thanks. I'll do that. I'll go through my archives and compare against your
list when I get back in the office next week.
Darin.
- Original Message -
From: Kevin Gillis [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 1:51 AM
Subject: RE:
Hi, all-
What symptoms would indicate that you've been compromised?
- Dave Doherty
Skywaves, Inc.
97 Webster Street
Worcester, MA 10603
(+1) - 508-425-7176
Please note our new mailing address!
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive:
Yes, thanks. Will this work on 8.15?
Cheers
Mark
We are working on a update for 8.22 which will include one DLL that
needs to
be copied over the old one during a stop / start of smtpd32. I'll post a
link here as soon as it's available.
To Unsubscribe:
- Original Message -
From: Mark [Support] [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 9:07 AM
Subject: Re: [IMail Forum] SMTP Exploit Scanning Going on NOW
We are working on a update for 8.22 which will include one DLL that
needs to
be copied
on the upgrade. IIRC we did not move as the central directory (LDAP) was
changed and no longer worked as it did previously.
We are a K-12 school district and rely on the LDAP to lookup addresses by name,
department, organization. This changed after 8.05 (I think)
just saying if you rely on the
No, 8.22 only.
Tom
- Original Message -
From: Mark [Support] [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 9:07 AM
Subject: Re: [IMail Forum] SMTP Exploit Scanning Going on NOW
| Yes, thanks. Will this work on 8.15?
|
| Cheers
| Mark
|
| We are
LS,
Blessing to all of you. I was following the forum and have to upgrade now.
Must I upgrade the different steps and fixes in sequence or
can I just use the 8.22 on my running imail 8.15
In any case I'll backup first but doing it right the first time saves!!!
Kenneth
-Original
Thx for this update, and wow, how a software can be useless after only 1,5
years!? This negligently attitude is not more acceptable. I will not pay 1000
USD and have next year after SA expired again a security problem. Is this a new
manner to force to upgrade?
marc
At 15:24 27.10.2006, you
So, if you have no SA and are on 8.15, you either pay, or get
hacked?
Dave===Beach
ComputersAffordable Hosting
Solutionshttp://www.beachcomp.com===Cheap
Domain WarehouseGet Your Own
Or run everything through a gateway. That what I'm
going to do.
-d
- Original Message -
From:
Beach
Computers
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 10:44
AM
Subject: RE: [IMail Forum] Update for
SMTP vulnerability in 8.22
So,
or replace imail and go to smartermail...
marc
At 16:44 27.10.2006, you wrote:
So, if you have no SA and are on 8.15, you either pay, or get hacked?
Dave
===
Beach Computers
Affordable Hosting Solutions
http://www.beachcomp.com
I don't think it is negligent. This is a relatively new exploit found very
recently and Imail have released a fix quite quickly.
I take the view that if you use outdated software without an SA then you are
leaving yourself vulnerable and you have to be at least partially
responsible for what
I understand that Ipswitch has told people there will not be a patch for
8.15. So two questions:
1) What is the upgrade path to 8.22 for us 8.15 users? Is there one?
2) The vulnerability exploits a feature we do not use: the ability to relay
via SMTP to another server by constructing an
just
get hacked...
-Mensaje original-De:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]En nombre de Beach
ComputersEnviado el: viernes, 27 de octubre de 2006
16:45Para: Imail_Forum@list.ipswitch.comAsunto: RE:
[IMail Forum] Update for SMTP vulnerability in 8.22
So,
I'm trying to figure out the program alias.
We have a server (non Imail) that delivers email to parents. The emails all
come from the same address and pass through Imail. There are some emails that
we do not want to deliver so I'm thinking I can setup a program alias that all
mail from this
How can you tell?
Brian T.
- Original Message -
From:
Servei Tecnic [
MICROTECH ]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 11:01
AM
Subject: RE: [IMail Forum] Update for
SMTP vulnerability in 8.22
just get hacked...
Right. Because that is a quicker fix than upgrading to 8.22
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of marc
Sent: Friday, October 27, 2006 9:55 AM
To: Imail_Forum@list.ipswitch.com
Subject: RE: [IMail Forum] Update for SMTP vulnerability in 8.22
Right, but also partially responsible by IPSwitch. Its the first time in 10
years that a software seems to be useless after 3 years only, when IMail 8.x
was coming out... again, this not acceptable.
marc
At 17:00 27.10.2006, you wrote:
I don't think it is negligent. This is a relatively new
I
was asking for 8.05 fix, Ipswitch told us that no fix will be for prior
8.22 versions.
It's
IpSwitch's political and it's good for me. I understand this point, we do not
support/fix 2 old versions (+5 years) of our software.
Now
i've 8.05, no SA and won't to pay new version, just get
Tripp,
I think there are several of us who are still on 8.1x who are going to
be upgrading this weekend. I will ask questions that more than just I am
probably nervous about.
For 8.12, all I needed was a serial No. Is this the same as the Key?
Is the Serial No. / Key the same for 8.12 and
I just used the link, filled out the form, and got a reply that I would have
an answer within 2 business days.
If you are trying to get this done tonight or over the weekend, this is not
a viable option.
Bill Green
dfn Systems
- Original Message -
From: Martin Schaible [EMAIL
8.2 requires you to have an activation key which is a different key than
your serial number. You can send an email to customer service to get an
activation key for 8.2 here:
http://www.ipswitch.com/support/email_service.asp
Tripp
-Original Message-
From: [EMAIL PROTECTED]
Tripp,
Is there anyone in Ipswitch that can CONFIRM this:
If any of your customers are running 8.15 they have 2 options.
PAY and upgrade.
Stay vulnerable if not running any gateways.
Your input is appreciated.
Dave
---
|Beach Computers|
So am I to understand that ASSP somehow prevents the vulnerabtility from being
a problem?
Mike N
FXOL
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ:
You can install 8.22 (and patch it) and select "Activate Later" when you launch "the smiley man". Nothing (according to techsupport) is restricted...except that you have to have activated it within 30 days or it will shut down.-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
ASSP, IMGATE, , Barracuda and Alligate all sit in front of the mail server
and act as a gateway. If you keep your mail server otherwise firewalled and
have one of these products out in front then the vulnerability is mitigated
(from external sources).
-Original Message-
From: [EMAIL
Bill,
It is viable. Imail will run for 30 days without the key. That should give
anyone time enough to get their key.
Michael Thomas
Mathbox
978-683-6718
1-877-MATHBOX (Toll Free)
I just used the link, filled out the form, and got a reply
that I would have
an answer within 2 business
How can one verify that this patch is actually installed? I downloaded
IMail822.exe from the link Tripp posted and installed it. I was never
prompted for any activation info during the install. I don't see any recent
dates on the SMTP related files either
SMTPd32.exe - 11/30/2005 3:18PM
Thank you, Robbie, and Michael. That's what was
making me uneasy. I had a vague memory of some concerns over activation when 8.2
was new.
I've downloaded 8.22 from the link in the KB
article Tripp posted. It is named imail8.22.exe and is 23,639KB. The KB labels
it an update, but I believe
There is a separate smtpprotocol.dll file that is in zip form further down the
page. It has a date of 10/26/2006, 172 KB in size.
Stop imail services, rename old smtpprotocol.dll to smtpprotocol.sav, then copy
the new one into the Imail directory, restart services.
I think that is it...
Hello!
I am no email expert, and I didn't feel comfortable setting up a full blown
gateway (ASSP, IMGATE, etc...) while waiting for the 8.22 patch, so my kludge
was to just block all external access to my iMail server except from my backup
MXs. I setup an ETRN dequeue to run every so often and
You did the same thing I did but then I realized further down on the page
there is a link to just the SMTP dll that is updated for the fix.
Keith Zwick
Cribellum, LLC
248-596-1901 ex301
- Original Message -
From: Chris McFarling [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
After you install 8.22, you will need to download the patch file from the KB
article and update the smtpprotocol.dll.
Tripp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris McFarling
Sent: Friday, October 27, 2006 12:57 PM
To:
Yes, confirmed. Stop your services, run the imail8.22, launch the "smiley man", activate or trial, stop the smtp, replace the smtpprotocol.dll for the patch and start the smtp. Did it on two machines this morning...in the same nervous condition. - Original Message From: Bill Green dfn
We are not currently planning a patch for 8.1X so you will need to upgrade.
Tripp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Beach Computers
Sent: Friday, October 27, 2006 12:25 PM
To: Imail_Forum@list.ipswitch.com
Subject: RE: [IMail Forum] SMTP
Running IMail822.exe only gets you upgraded to the version that *can* be
patched. You still need to download SMTPProtocol.zip and replace the .dll.
Mike
Chris McFarling wrote:
How can one verify that this patch is actually installed? I downloaded
IMail822.exe from the link Tripp posted and
The patch is here: http://support.ipswitch.com/kb/IM-20061026-JH01.htm You
need to download the updated smtpprotocol file and follow the instructions
to replace it.
Tripp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Cert
Sent: Friday, October 27,
So,
Who's using Smartermail?
What are your thoughts on it?
Any gotchas going fromImail to Smartermail?
Thanks
Dave
---
|Beach Computers|
|Affordable Hosting Solutions |
|http://www.beachcomp.com |
This is not true! We have an IMGate solution and were hit this morning
by it. The had a valid email address in the to field for the email
address and the name associated to it had the code and we were hit with
15,000 emails in a matter of a little while. Len just put a header
filter in place on
We tested it and found it wanting. It, in our opinion, is not suitable
as a replacement.
Beach Computers wrote:
So,
Who's using Smartermail?
What are your thoughts on it?
Any gotchas going fromImail to Smartermail?
Thanks
Dave
---
|Beach Computers
Thank you Tripp. This response is a good one and it is greatly appreciated.
Mark
Tripp Allen wrote:
The patch is here: http://support.ipswitch.com/kb/IM-20061026-JH01.htm You
need to download the updated smtpprotocol file and follow the instructions
to replace it.
Tripp
-Original
FWIW I have been shocked NOT to have seen any
evidence described of scanning for this vulnerablity here, and I wonder if it's
because we changed our default Hello Message in advanced SMTP configuration such
that it no longer mention imail.
The default Imail response to the initial hello
Anyone know of a possible way to close this off in visnetic by a filter?
Dave
---
|Beach Computers|
|Affordable Hosting Solutions |
|http://www.beachcomp.com |
===
|Cheap Domain Warehouse
Anyone know of a possible way to close this off in visnetic
by a filter?
I think Greg Linares [EMAIL PROTECTED] discovered/wrote the exploit,
on or about the 19th, so you might check with him.
~Rick
_
Virus Scanned and
Does IPSwitch have stated life-of-product somewhere? I ask because Imail 8.2 came out in April 28 of 2005 and was the first to require "Activation" (?) Was the condition of this activation an active support contract at the time? And if so is one ordinarily included with the software at time of
On 27 Oct 2006 at 13:53, Robbie Pardue wrote:
I agree completely Robbie! Good post!
Mike N
FXOL
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ:
OK, I bit the bullet and did the upgrade in the
middle of the day. All seens well. Even my IMail Client still works. I had
thought it wasn't supposed to work with 8.2x.
Thanks for your help, and
encouragement.
Bill Green
dfn Systems
- Original Message -
From:
Robbie Pardue
Does the current 8.22download
include the December 2005 patch?
Maybe I just answered my own question.
The December 2005 "patch" is 23MB, so that's probably the version upgrade from
8.2, right?
- Original Message -
From:
Dave Doherty
To: Imail_Forum@list.ipswitch.com
Cc: [EMAIL PROTECTED]
Sent: Friday, October 27, 2006 4:52
same here, hope Kevin Gillis will answer this questions
otherwise it seems to answer my question about the manner to force an upgrade.
marc
At 20:53 27.10.2006, you wrote:
Does IPSwitch have stated life-of-product somewhere?
I ask because Imail 8.2 came out in April 28 of 2005
Guys, here's my solution to staying off of 2006 until your
comfortable while still make your users happy:
http://www.webmailasp.net/buy their
webmail solution which is pretty nice and a whopping $100
http://www.serverobjects.com/products.htmyou'll
need their aspmail and asppop3 software
Thx for this update, and wow, how a software can be useless after only 1,5
years!?
This negligently attitude is not more acceptable. I will not pay 1000 USD
and have
next year after SA expired again a security problem. Is this a new manner
to force to
upgrade?
I believe Imail 8.15 is over 2
I'm trying to figure out the program alias.
We have a server (non Imail) that delivers email to parents. The emails
all come from
the same address and pass through Imail. There are some emails that we do
not want
to deliver so I'm thinking I can setup a program alias that all mail from
this
My copy was compiled in Feb 05, so one year and eight months.
- Original Message -
From: John T (Lists) [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 5:30 PM
Subject: RE: [IMail Forum] Update for SMTP vulnerability in 8.22
Thx for this
Right, but also partially responsible by Ipswitch. Its the first time in
10 years that a
software seems to be useless after 3 years only, when IMail 8.x was coming
out...
again, this not acceptable.
QuickBooks 2003 is no longer usable if you want to do a common list of
things.
QuickBooks prior
yep, you're right John. got to thinking about it and that's the answer.
got it going, thanks for the reply, bob
On Friday, October 27, 2006 3:34 PM, John T \(Lists\) [EMAIL PROTECTED] wrote:
I'm trying to figure out the program alias.
We have a server (non Imail) that delivers email to
So am I to understand that ASSP somehow prevents the vulnerabtility from
being a problem?
With the recent report of the exploit getting through IMGate, this is still
a good question. Is there anybody using ASSP directly in front of IMail,
that has suffered from this exploit? Will the
Now that I have 8.22, I thought I'd use the tarpitting feature, but now I
can't find any documentation on it. I've found mention of it in the
archives, but not how to enable it. Anyone still have a link?
Bill Green
dfn Systems
---
[This E-mail scanned for viruses by Declude EVA]
To
Anybody willing to give any input as to what to
look for?
Brian
- Original Message -
From:
Brian T.
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 11:23
AM
Subject: Re: [IMail Forum] Update for
SMTP vulnerability in 8.22
How can you
does your desktop software examples have any security holes to compromise a
server shared with hundreds of customers? make a serious comparison to convince
me, that this is common. we are talking about business server software not for
100 bugs.
marc
QuickBooks 2003 is no longer usable if you
Look at your smtp logs for "send error 10038". That will be preceded by something likedate time SMTPD(your-message-number) [the imail IP] connectthe-offending-server-ip port 3442date time SMTPD(your-message-number) [the-offending-server-up] EHLOdate time SMTPD(your-message-number)
Hi,
Search for dictionary attack in the KB
--
Mit freundlichen Grüssen
Merlin Consulting
Martin Schaible
Bahnhofstrasse 27
CH-8702 Zollikon
Phone: +41 44 391 30 00
Fax: +41 44 391 32 49
Mail:mailto:[EMAIL PROTECTED]
URL:
It is not a true tarpitting but rather a temp auto black list that if an IP
tries X number of invalid recipients the IP is blocked from connecting for Y
amount of minutes.
It is set in the registry.
http://support.ipswitch.com/kb/IM-20050831-DM01.htm
John T
eServices For You
Life is a
Doug,
The only way to get complete protection from the exploit it to make sure
that IMail doesn't answer the Internet with SMTP. If you have IMail 8.x
or earlier, and you have customers connecting to IMail for SMTP, you
cannot sufficiently lock it down unless your firewall has some form of
Hi,
Bill, i do not agree with your latest statement. As
everybody knows, Ipswitch spent a lot of time to get IMail 2006 running. It's
also true, that a brand new software, a release1.0, can cause problems. That's
for sure a reason, why Ipswitch released several versions of IMail 2006 this
does your desktop software examples have any security holes to compromise
a server
shared with hundreds of customers? make a serious comparison to convince
me, that
this is common. we are talking about business server software not for 100
bugs.
marc
Neither I nor any one else would consider
I did upgrade to 2006.1 which is why I'm hosed
now.
2006.04a ran great! It wasn't until I installed .01 that
things got f'd up. Since I can't go back I have to go forward. Once again,
Ipswitch claims I'm the only one that has this problem even though it's
mentioned in the forums. They can
Thousands of emails in your queue and
subjects and tos containing the ?-windows= or something similar. We had
one account hit and it appears they got their password as later in the day they
sent out using their email address and authenticated using their password. We
changed the password
I do not have any reason to change the meaning of my post. Just read the
subject to this theard and than you will understand the meaning of useless.
marc
At 02:46 28.10.2006, you wrote:
does your desktop software examples have any security holes to compromise
a server
shared with hundreds of
Hi, all-
I have one user who relies heavily on the old email to fax utility that was
available in earlier versions. Maybe I'm missing something obvious, but I
don't see anything on this subject as it relates to 8.22 or 2006.10.
Anybody know about this?
-Dave Doherty
Skywaves, Inc.
Dave,
It seems to me that I had to upgrade Email-To-Fax, either 7.x to 8.0 or it
was 8.15 to 8.22. As I recall, that was the only time I had to upgrade it. I
am running 8.22 and I am running Email-To-FAX. Like you, I have one customer
that swears that they cannot do without it.
To get the
Thanks Michael.
There was an upgrade that I had to do when transitioning to 8.15.
The version I am running returns SNDFAXUI Version 8.14-2004.11.1 as the
first line of the Help | About display.
Is that the version you are using with 8.22?
-d
- Original Message -
From: Michael
Dave,
Mine reads SNDFAXUI Version 8.14-2004.11.10
The version I am running returns SNDFAXUI Version
8.14-2004.11.1 as the
first line of the Help | About display.
Michael Thomas
Mathbox
978-683-6718
1-877-MATHBOX (Toll Free)
To Unsubscribe:
We have the same version. Typo on my part.
Thanks!
-d
- Original Message -
From: Michael Thomas - Mathbox [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Friday, October 27, 2006 10:56 PM
Subject: RE: [IMail Forum] Mail to Fax in 8.22
Dave,
Mine reads SNDFAXUI Version
After upgrading to 2006.1, we are unable to log into the Webmail client.
Webadmin works fine.We get the message :
Unable to log into the system.
Reason: Failed to authorize user.
All other services POP3 and SMTP, and IMAP are working fine. There are
no logs in the IIS folder other
89 matches
Mail list logo