Darrell ([EMAIL PROTECTED]) wrote:
I have not migrated to 2006 yet - I knew in the first release the security
issue existed with the IUSR account. This really still exists even in the
latest versions where the IUSR account must have FULL CONTROL? As everyone
knows that's ridiculous.
Has anyone found a way to work around that makign everything work with IUSR
just having read access?
Kevin - is this actually being addressed?
Darrell
I second that Darrell.
I still dont understand why Ipswitch insists on breaking with common
security practice for IIS.
------------------------------------------------------------------------
Check out http://www.invariantsystems.com for utilities for Declude And
Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG
Integration, and Log Parsers.
----- Original Message -----
From: "Martin Schaible" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Friday, December 01, 2006 5:02 PM
Subject: AW: [IMail Forum] Re: [IMail Forum] IMail 2006.2 Technical Preview
Program
Hi Kevin,
I think, #1 should addressed also to Imail 2006.2, it really important. An
IUSR account must never have administrative privileges. It's against all
rules and against all recommondations from microsoft. An Imail server would
never pass a security audit.
BTW: Is a release date already defined?
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
