This is indeed crazy - what they're saying is that the system is wide open to DOS and Ipswitch doesn't care. In other words a distributed scanner hitting 8383 instead of 80 would still take out Webmail on all IMail machines everywhere. Perhaps a competitor is doing just that to try to steal Ipswitch's customers after they get so tired of webmail crashing that they look elsewhere.
The shame is that there is nothing wrong with the basic product, the code just needs review. After all what is the purpose of junk like this: 02:28 00:12 POP3D (%1!08X!) %2!s!logon success for %3!s! %4!s! from %5!s! It demonstrates little thought given to variable validation, and it can't be found and corrected after .05 minor revisions. Admittedly, they have bigger priorities in keeping things running. ----- Original Message ----- > Their solution was for me to run my server on port 8383, which would be > immune from CodeRed/Nimda. That's complete garbage! This server has been > running for a year or so (on port 80) and I haven't had nearly this many > webmessaging problems. Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
