Hi Bill, Well, that's another workaround if it's just a few domains. IMail behaves the same in HELOing with the domain, but since it would be the only one sending from that IP the problem with CBL would be avoided. Most shared system can't afford hundred of IPs, though.
Darin. ----- Original Message ----- From: "Bill Green dfn Systems" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Monday, January 29, 2007 11:06 AM Subject: Re: [IMail Forum] Imail vulnerability, or do we have a Virus Darin, Am I correct in my understanding that this is only an issue with virtual domains? If each domain on the mail server has it's own ip address, then IMail uses that address in the HELO/EHLO for that domain. Am I right? (Just wanting to be sure.) Bill Green dfn Systems ----- Original Message ----- From: "Darin Cox" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Monday, January 29, 2007 8:45 AM Subject: Re: [IMail Forum] Imail vulnerability, or do we have a Virus > Hi Joel, > > Matt told you about vulnerable versions of IMail in regards to exploits. > You should also be aware that CBL lists mail servers that connect to > servers > under their control when that server connects using multiple HELO/EHLO > from > the same IP. If you host multiple domains in IMail versions earlier than > 2006.1, or haven't used the setting in IMail 2006.1 to avoid the issue, > then > you are doing this and could be listed in CBL. > > IMail 2006.1 has a setting to correct this problem, but earlier versions > cannot be fixed. Grant pointed out a solution by putting a gateway > outside > of IMail for outbound traffic, though. > > You may want to check the archives for the thread last week when we were > listed. I confirmed with Baud from CBL that they did not receive any spam > from us, but listed us because of this issue. > > Darin. > > > ----- Original Message ----- > From: "Joel Lichtenberger" <[EMAIL PROTECTED]> > To: <[email protected]> > Sent: Monday, January 29, 2007 9:06 AM > Subject: [IMail Forum] Imail vulnerability, or do we have a Virus > > > We were added to the CBL list Saturday, after contacting them they asked > me > if I was using Imail, Why did they ask if I was using Imail. Because of > the, IMail - SMTP Vulnerability mentioned here: > http://support.ipswitch.com/kb/IM-20061026-JH01.htm? > > Concerned that I was somehow allowing SPAM to forward/relay through our > machine I looked at the SMTP logs and notice mail from > [EMAIL PROTECTED] > was being sent to [EMAIL PROTECTED] According to the logs the > messages originated from our mail server. Have we been exploited by the > Imail vulnerability, or do we have a Virus? > > I'm just trying to figure out which direction to go from here. > > Thanks, > > Joel > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > --- > [This E-mail scanned for viruses by Declude EVA] > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
