Stay with possibly exploitable version of the
server or upgrade to a feature and bug rich version that doesn't have the
exploit? The answer is obvious, time to drop Imail. It's been a
long run (7 years) but the handwriting is clearly on the
wall.
Not so obvious, keep what you are
Hi,
Samen reason here for my whish to do a "clean"
upgrade by just moving the domain info and the mailboxes.
See my mail 19-okt. I'd love to hear from Kevin or
Tripp whether my "solution" is feasable.
Met vriendelijke groet,Bonno Bloksmahoofd systeembeheer
tio hogeschool hotelmanagement en
With Microsoft, you are not paying an annual
service agreement over and above the purchase price. In this instance Windows
95 is not a good example nor would Windows 2000 as they both are much older
products than version 8.x of IMail. Also, if those companies who had the keys
had service
I've been lurking in the weeds watching this discussion very quickly pick up momentum. I thought I was internally over-reacting in my perception that Ipswitch has become dollar driven to the point that it's obviously become detrimental to their client base. Apparently that isn't just my opinion.
Im going to weigh in on this at
this point as well just so my vote is registered on the off chance Ipswitch is
monitoring this thread
Based on the fact that I havent
heard of an update even being reviewed for the 8.2x line I am currently
researching alternative mail hosting platforms. I
The problem appears to be two fold:
1.Ipswitch moved to .NET programming without having someone who was
completely familiar with SERVER operating systems and how IIS works with
.NET.
2. Ipswitch's programmers are programming for what THEY perceive to be
the way users will be using the
I also feel the need to add my "Me Too" to this thread, so
IPswitch will not think there is only a few that are
dissatisfied.
I too have been lured into extending my SA in hopes of a
stable product coming out to upgrade to - ipswitch even acknowledged their
screwup early on and offered an
Ditto.
Tom
- Original Message -
From: Jim Comerford [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Wednesday, October 25, 2006 7:57 AM
Subject: RE: [IMail Forum] It is worth it to buy the SA?
I also feel the need to add my Me Too to this thread, so IPswitch will not
think
Adding another direction ... I guess nobody has Cisco equipment.
Christopher Checca
Packard Transport, Inc.
IT Department
24021 South Municipal Dr
PO Box 380
Channahon, IL. 60410
815 467 9260
815 467 6939 Fax
[EMAIL PROTECTED]
www.packardtransport.com
To Unsubscribe:
I agree with Jason and others and also will underline what the public
available exploit can do for everyone who spend some minutes (for thus who
haven't read the code at
http://www.securiteam.com/exploits/6G00L0KH5E.html
Payload Options (for your server!!!)
1 = Share C:\\ as 'Export' Share
2 =
Why would you say that? A comment on Cisco's support?
Doug Traylor
- Original Message -
From: Christopher Checca [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Wednesday, October 25, 2006 8:31 AM
Subject: RE: [IMail Forum] It is worth it to buy the SA?
Adding another
??? What do you mean?
Darin.
- Original Message -
From: Christopher Checca [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Wednesday, October 25, 2006 9:31 AM
Subject: RE: [IMail Forum] It is worth it to buy the SA?
Adding another direction ... I guess nobody has Cisco
Wow! I didn't expect my question to spawn such a hot topic!
I think I'll let my SA expire at this point as I can't upgrade directly to
2006 and 8.2x isn't patched for the SMTP vuln. Perhaps I'll take this time
to investigate alternatives. My 7.15 version, while working fine, is getting
long in
Thanks for spelling this out. Here's another question, is Imail suceptible
to this, beside internal attacks, if it is behind other gateway products and
the smtp service is not directly accessible to the internet. Such as IMGate
or hMailserver or any other currently maintained MTA. Would this
IMgate, etc would be a good solution if the IMail SMTP server is not
accessible to the internet.
- Original Message -
From: Doug Traylor [EMAIL PROTECTED]
To: Imail_Forum@list.ipswitch.com
Sent: Wednesday, October 25, 2006 9:51 AM
Subject: Re: [IMail Forum] It is worth it to buy the
Not quite knowing how SMTP vulnerabilities are exploited, I
am assuming that this can not be executed by simply sending ...
In fact it's as nearly as simple as writing an email message! Durring the
SMTP-Envelope session the attacker has to specify a mail-from and rcpt-to
address and the only
Indeed. IMGate or ASSP. This was the deciding factor in our implementing
ASSP. The Sonicwall closes the other issues.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Mike N
Sent: Wednesday, October 25, 2006 10:08 AM
To: Imail_Forum@list.ipswitch.com
Subject:
Hi all,
Add a ditto for me as well. I paid for the SA. I do not feel comfortable
upgrading now. The initial release of 2006 was more like a beta release than
real release. I would like to see an 8.22 patch.
Mike
Ditto.
Tom
To Unsubscribe:
I posted previous we feel was a waste of money our firm renewed SA's ongoing
while we remain and feel stuck on 8.22. Based on this, count us in as
another who will certainly not renew our 2 separate SA's upcoming by years
end.
-Don
-Original Message-
From: [EMAIL PROTECTED]
Having third-party gateway solutions (Alligate, ASSP, ORF, ...) in front
of your server would help but only if your Imail-SMTP-Service is
completely unreachable from at least the internet.
So is that the solution for users of non-supported versions of Imail, put a
supported SMTP gateway/MTA,
As long as the gateway validates the E-mail addresses as IMGate does for
example, a bad E-mail could not get through. If the gateway uses the SMTP
VRFY back to the Imail server, something bad might be able to get through.
- Original Message -
From: Doug Traylor [EMAIL PROTECTED]
To:
So is that the solution for users of non-supported versions
of Imail, put a supported SMTP gateway/MTA, commercial or
open-source as long as it is kept current, in front and keep
using version 6, 7, or 8 without worries, or could a rogue
email still get through the gateway ...
As far as I
But this brings up the question how do you have configured your users who
connects to your Imail-server. Usually they connect to the same port 25 of
your SMTP-Server to send outgoing emails. If you have all your users on
well defined IP-ranges you can block smtp-access for the rest of the
It would be very nice to be able to set port 25 to be SMTP Auth-Only
also??? Can that currently be done? I am running IMail 8.22 but have
all mail going thru a couple of other gateways before it hits the IMail
box if they follow the MX records. Can I change port 25 to be Auth-Only
except from a
Based on the exploit code it may be that even an smtp-auth setting would
not fix this.
-Jason
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Grant Griffith
Sent: Wednesday, October 25, 2006 2:53 PM
To: Imail_Forum@list.ipswitch.com
Subject: RE: [IMail
The answer
is obvious, time to drop Imail.
The only problem is that the alternatives aren't
exactly that great. SmarterMail looks like a great product, but it's still
lacking some of the fundamental elements of a corporate mail server like
TLS. They also remind me now of how IPswitch was
I
can't knock Ipswitch for not wanting to support a product indefinetly, but it
seems like the pulled the plug on 8.x and 7.x rather soon. Even Microsoft
support Win 98 until recently, and that is far more complex than Imail.
-Original Message-From:
[EMAIL PROTECTED]
Hi,
Not every customer of my company will move to IMail 2006.
Some don't need or want the new gadgets, some don't want upgrade to a new
server.
Ipswitch should support IMail 8.22 until the end of next
year. It can't be the truth, that a security hole is a reason to upgrade to the
latest
I tried to upgrade to 2006 and spent a
week fixing the mess. Ipswitch had to have some of the senior people to work
with me to get things right and in the end we had to go back to 8.22 due to all
of the problems we encountered. Mostly due to the fact we have been on the same
program since
See, and thats what scares me about
upgrading my 7.15 version. Im concerned that things are too different
and that Ill end up with much greater headaches. Plus, to get to 2006 Id
have to upgrade to 8.x, then go to 2006. Hmm, 2 up[grades on the same server.
Not what I call fun.
Troy D.
Was the SMTP hole an issue in 7.x or
starting at 8.x?
Troy D. Hilton
Serveon, Inc.
302-529-8640
[EMAIL PROTECTED]
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Martin Schaible
Sent: Tuesday, October 24, 2006
1:13 PM
To: Imail_Forum@list.ipswitch.com
So if a vulnerability is discovered in
Windows 95, Microsoft should spend the time and resources developing a patch to
fix it?
What about all those software vendors
that were using old style parallel port keys that became obsolete when Windows
XP came out? Should those software vendors
I agree completely. Imail 8.x should
continue to be supported and patched for vulnerabilities for 2 years after last
sold date.
John T
eServices For You
Seek, and ye shall
find!
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of
I
see the point you're trying to make, but that's an unfair question because it
depends on a lot of factors; such as the severity of the vulnerability, the time
investmentrequired to fix said vulnerability,as well as the amount
of customers still using Windows 95. If a large enough
It can
be argued that software developers might have a certain moral interest in
patching their software if the vulnerability can be used to hurt others. Windows
95 is pretty long in tooth, and few systems are still running on Windows 95.
Imail 8.x on the other hand is not even
Hi,
I like the comparison with the car industry. As an example,
i have this: My car is now in the sixt year and i received a free "Update"
regarding the black box which controls the air condition. So, the car is out of
production and out of any warranties ("subscription") and the vendor
That may be good for them but not for some of us that will not upgrade
to 2006 until it is stable enough to use without causing problems for
our clients. I have not renewed our SA and will not until the problems
with 8.X are solved. The SMTP problem has been around for quite a long
time and
I do have an active SA, but I can't upgrade to 2006 until at least
Safari is working with it, and I'm not happy about needing to rush to
2006.2 once it is released, much less waiting for it.
I don't think it's necessarily unreasonable to not supply security
patches outside of an SA, though I
Weve been running Imail 7.15 for a few years now and
its been running very well. Well, its time to renew my SA with
Ipswitch but Im wondering is it worth it?
In following this list I see that the latest versions of Imail
have been far from stellar, so Im know I will not be upgrading to
For the record this thread topic, I am also
pasting my previous post below.
I think the SA would be worth it if you
can upgrade without bugs or unresolved issues. I personally feel IP Switch should
extend the IMAIL SA for those customers whom have kept their licensures current
and
Now that there's been an SMTP exploit released
(yesterday) for the recently patched SMTP bug, you are running on borrowed time
until someone decides to try it on your server.
- Original Message -
From:
Troy D.
Hilton
Subject: [IMail Forum] It is worth it to
buy the
IMHO, buy a nicer webmail from someone and hand out for a
bit.
Bill Foresman
Matrosity Hosting
www.matrosity.com
850.656.2644
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Troy D.
HiltonSent: Monday, October 23, 2006 2:16 PMTo:
Imail_Forum@list.ipswitch.comSubject:
On 05:41 PM 10/23/2006 -0400, it would appear that Mike N wrote:
Now that there's
been an SMTP exploit released (yesterday) for the recently patched SMTP
bug, you are running on borrowed time until someone decides to try it on
your server.
Stay with possibly exploitable version of the server or
If there is an exploit now in the wild, it is an absolute necessity
for IMail to release a patch for 8.22 so that users can fix the issue
without shutting out their Safari users. Many of us with a Mac
user-base have current SA's and have held off on upgrading due to the
lack Safari support in
Matt, FYI, I am on 2006.1 and I have 2
users that have connected to my webmail via Safari on OSX 10.4 and they did not
report any problems.
Granted, they do not use it every day,
in fact very seldom.
John Tolmachoff
Owner, eServices For You
[EMAIL PROTECTED]
626-737-6003
Fax
45 matches
Mail list logo