Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Surprised.

  1. #1
    Untanglit
    Join Date
    Aug 2008
    Posts
    18

    Default Surprised.

    My UT server has been up for a couple days. An account manager forwarded an email from a customer who has been trying to send us email. It showed "Quarantine Digest for username@company.com" and how to release it. I wasn't expecting emails sent to people. Also, the link was for an internal address and not publicly accessible. It only confused and frustrated non technical people.

    Maybe it is a good idea, but I'm just surprised.

    I uninstalled my UT server because of this.

  2. #2
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    No its not a good idea to do this. Thats why it isn't on by default.

    I'd suggest turning it back off.

    If you want to scan outbound mail with it set to "quarantine" then I'd atleast suggest you change your quarantinable addresses so it will only quarantine for your users and mark everything else.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangler
    Join Date
    Mar 2008
    Location
    The Netherlands
    Posts
    80

    Default

    Quote Originally Posted by dmorris View Post
    No its not a good idea to do this. Thats why it isn't on by default.
    I'm mostly running defaults on my 5.3 install apart from enabling some more categories in the web filter, and I must note that I found the digest function is enabled by default.
    I see these digests drop in on a daily basis.
    Our Current Platform [INACTIVE Until further notice - finally in a new building!]
    ---------------------------------
    Intel Desktop Board type D865GVHZ + Intel P4 3.0Ghz HT, 2GB Dual-channel RAM, 40GB HDD, 3x3Com 309x 10/100 PCI, 3Mbit 4 to 1 Business Cable, roughly 500 users and 220 machines and growing.
    ---------------------------------
    Please make use of the Untangle Bugzilla to vote for and report issues/requests!!

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    Then you had it in bridge mode and you had it plugged in backwards. Quarantine messages do not go to outside domains by default. Heck outgoing SMTP traffic is bypassed!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Untangler
    Join Date
    Mar 2008
    Location
    The Netherlands
    Posts
    80

    Default

    No, quite sure it is not plugged in 'backwards'.
    It is however, using the default setting where UT uses it's own mailserver to send out mails, I did not choose to set up a route to our internal Exchange box because UT sits outside our ISA server. Bridge mode? Yes.

    Each morning at around 6:05AM, Untangle mails out quarantine digests to my users on it's own. I did not configure it to do so.
    Our Current Platform [INACTIVE Until further notice - finally in a new building!]
    ---------------------------------
    Intel Desktop Board type D865GVHZ + Intel P4 3.0Ghz HT, 2GB Dual-channel RAM, 40GB HDD, 3x3Com 309x 10/100 PCI, 3Mbit 4 to 1 Business Cable, roughly 500 users and 220 machines and growing.
    ---------------------------------
    Please make use of the Untangle Bugzilla to vote for and report issues/requests!!

  6. #6
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    Quote Originally Posted by Xolo View Post

    Each morning at around 6:05AM, Untangle mails out quarantine digests to my users on it's own. I did not configure it to do so.
    As it should.

    Note the OP is talking about quarantining for the "rest of the world" not his own users.
    Quarantining for your own users is the default.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    Yes, by default the UT server will quarantine all mail from any domain. It uses a no rack policy for outgoing SMTP traffic to prevent the unit from scanning mail that is leaving the network. If you have a bridge mode installation and it is plugged in backwards... thanks to the bypass rule you wont be scanning mail coming in and instead will be scanning mail going out. Then with the UT server also doing its own mail delivery any spam intercepted from the world will generate quarantine requests.

    You have to make quadruple sure you have your UT servers plugged in the right way around. If you get it flipped all kinds of bad things will happen. We all know this, but it is so incredibly easy to get it wrong...

    I just did it to myself again... last week. I know.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untangler
    Join Date
    Mar 2008
    Location
    The Netherlands
    Posts
    80

    Default

    @dmorris: Hmm, may have misread then. i'm not too old to learn though on another note, I removed the catch-all rule under Config > Email > Quarantine because the digests are useless to my users because they can't reach the UT machine internally. Wasn't set up that way.
    @sky-knight: Oops, hehe yes, It happens! I really liked that hot swap network check during setup to verify which card was detected as what for that reason. Made it easy to label the interfaces beforehand
    Our Current Platform [INACTIVE Until further notice - finally in a new building!]
    ---------------------------------
    Intel Desktop Board type D865GVHZ + Intel P4 3.0Ghz HT, 2GB Dual-channel RAM, 40GB HDD, 3x3Com 309x 10/100 PCI, 3Mbit 4 to 1 Business Cable, roughly 500 users and 220 machines and growing.
    ---------------------------------
    Please make use of the Untangle Bugzilla to vote for and report issues/requests!!

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,510

    Default

    Yeah but watch those labels! When we went from 5.03 to 5.2 the kernel changed... when the kernel changed some people got their interfaces moved around!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,486

    Default

    [quote=Xolo;30904]@dmorris: Hmm, may have misread then. i'm not too old to learn though on another note, I removed the catch-all rule under Config > Email > Quarantine because the digests are useless to my users because they can't reach the UT machine internally. Wasn't set up that way.

    ah, I'd consider just "blocking" or "marking" spam instead.
    Otherwise you're just wasting space and CPU on quarantining when the users can't actually use it anyway.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2