Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Untangler
    Join Date
    Dec 2017
    Posts
    56

    Default Imap-proxy imap scanning

    I understand the current limitation of the aspects of Phishing, Spam emails etc. that home users experience without the benefit of a home based SMTP server. The majority of home users will utilise an IMAP email account and I suspect that also some small business users will also use IMAP.

    It is my personal belief this disenfranchises the home user as it is recognised that the home user cannot benefit from this additional protection that the UT device can provide. Untangles position is to leave email threats to the end station in the home environment. In essence, we are licenced to run email protection Apps but they are useless in a home environment.

    I am wondering how many licensed home users there are of the Untangle UT gateway? If asked, I am sure a majority of these licenced users would like the additional protection that Untangle does provide in a commercial environment. However, at this time, it is a limitation of the UT device in a home environment.i.e. its not supported.

    Whilst email providers in the cloud can identify spam, they most likely still deliver the spam but filter it into a visible spam/junk folder that can still be looked at on the end users device. It means that minors can still browse these spam messages in their email client.

    In Untangles own description of Spam Blocker:-
    80% of all email is either spam, phishing or email fraud, causing each of your users to waste an average of 100 hours per year cleaning out their inbox. Spam Blocker is updated in real-time to keep you one-step ahead of spammers. Quarantine is automatic and maintenance-free.

    Unquestionably Untangle is committed to the Home User as demonstrated by the Home License program. However, is there an appetite for Untangle to secure further the home environment by processing emails that are delivered via IMAP to the end device?

    Finally, I acknowledge that this may be a technological challenge but I strongly suggest a worthwhile challenge and worthwhile investment in the Home User Licence fee payer.

  2. #2
    Master Untangler
    Join Date
    May 2010
    Location
    Texas, USA
    Posts
    712

    Default

    I know of almost 0 home users that want/need to run an IMAP or SMTP server on premise (and the couple that think they do are already blocked on the needed ports by their ISP).

    So, based on the people I know and support, I don't see this as an issue.

  3. #3
    Untangler
    Join Date
    Dec 2017
    Posts
    56

    Default

    I agree no home user would have the facility to run a SMTP or IMAP email server in their own home nor should they. The would use IMAP to connect to Cloud based email services aka Outlook.com etc.

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,665

    Default

    As many email providers will host user own domain and have far better anti-SPAM and anti-Phishing resources, there is very limited reasons to have personal email servers anymore. Thus the market for these features is limited in the home or SMB market.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untangler
    Join Date
    Dec 2017
    Posts
    56

    Default

    I have no intention of using any home style email server that would require a MX record. To be honest I didn't think I had implied that. I only use email clients such as provided by Apple, Microsoft and the likes, configured for cloud style services.

    So is Untangle saying there is no desire to "process" email forwarded by the email Providers? In that licensed home users are still on their own and must rely on the email Providers and end point security? I know from personal experience that Phishing emails arrive in my inbox day in day out, spam is delivered to Junk folders.

    My understanding is ,End point security can take several hours to update, Untangle "filters" are updated in almost real time which is a fantastic advantage.

    I am asking if Untangle has the appetite to "process" inbound email through the UT appliance destined for domestic IMAP email clients, to the benefit of licensed home users.

  6. #6
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    Correct. No we removed IMAP scanning and it will not come back.

    1) You should be using IMAP over SSL
    2) In this case, the treatment is worse than the disease. Unlike POP and SMTP which fetch the message before its viewed, IMAP downloads contents only when you click on the email, adding an long delay making it unusable. Also it meant that spam/virus messages only disappeared from email when actually clicked on.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  7. #7
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,665

    Default

    Since 90% of IMAP is encrypted (IMAPS), the complexity of implementing for the user is much higher as it requires similar deployment as SSL Inspector.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #8
    Master Untangler
    Join Date
    May 2010
    Location
    Texas, USA
    Posts
    712

    Default

    Man-in-the-middle inspection on IMAP-S would be a huge pain (and not possible at all in some cases/with some mail clients) with limited benefit.

  9. #9
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,856

    Default

    Quote Originally Posted by Kkorkky View Post
    Untangles position is to leave email threats to the end station in the home environment.
    This is not exactly correct. While it is true Untangle does not consider it every effective to scan IMAP messages in transit, IMAP protection is not left only to the end station. You can do scanning for this at the end station if you want, but it's not the whole story.

    IMAP mail should also be scanned by the service provider.

    So if you have a gmail account, your mail is scanned by Google. If you have a Hotmail/Outlook account, it's scanned by Microsoft. If you have a me.com or icloud address, it's scanned by Apple. Other addresses are scanned by their respective service providers.

    Of course, some services have better protection than others. For example, if you're still using your ISP's e-mail account, in God's name why? Set those up to forward to an account managed by a dedicated e-mail provider like Google or MS, and then forget you even have the ISP address. If it's a business e-mail (via, say, MS Exchange or Lotus Notes) your protection is as good as your IT team... which is one reason small and medium businesses also ought to think hard about the professional cloud e-mail services hosted by the big names.
    Last edited by jcoehoorn; 12-18-2017 at 01:02 PM.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 16.2 to protect 500Mbits for ~450 residential college students and associated staff and faculty

  10. #10
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,121

    Default

    IMAP and POP3 scanning even when Untangle did it met with only limited success. The Spam Blocker only really worked properly when working with unencrypted SMTP traffic on the way to the mail server. Checking mail between the service provider and the client has always been a poor idea at best. If you cannot trust the defenses provided by your service provider, and the following defenses provided by the AV software on your endpoint I suggest that you change service providers. The best place to stop threats to an email service is before the email service is engaged, that's always been true, it will always be true. Multiple layers making poor decisions isn't a solution.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2