  1. #1
    Untanglit
    Join Date
    Mar 2020
    Posts
    19

    Email scanning ports 995 and 587

    I'm having trouble getting any email scanning working on ports 995 (SSL/TLS) and 587 (STARTTLS), is there something I'm missing? Does the Virus Blocker app only assume specific ports, regardless of the ports identified in the SSL Inspector?

    I'm using the Z4W appliance with a home pro license. SSL Inspector is configured and working for web connections (root certificate installed on my PC). In SSL Inspector I've also enabled all of the SSL and TLS protocols and added rules for both of these ports. However, email comes and goes and there are zero entries in the "Scanned Email Events" portion of the Virus Blocker log (lots of entries in the Scanned Web Events section). Am I missing something, or does the Virus Blocker just not look for connections on common email ports?

    I've had several bugs emailed to me and have so far caught them myself, but I would really like to get this working so that no accidents happen.



  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,516


    Only port 25 is scanned for SMTP.

    https://wiki.untangle.com/index.php/...fic_Processing

    "When enabled, port 25 mail sessions that use STARTTLS will be decrypted inbound,"
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untanglit
    Join Date
    Mar 2020
    Posts
    19


    OK thank you very much for the reply. Are you aware of any other apps currently available that might scan incoming email on an arbitrary port?

    Also if you have any way to do it, please pass the request up the line that being able to specify a port for the Virus Blocker app for email scanning would be a really useful feature. It seems like such an obvious feature I'm surprised it's not in there already.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,186


    Nope, it's up to the mail server to provide that protection. Thanks to everything being encrypted now, the only place you can really do this work is on the two end points in question, that is the mail server, or the client itself.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Untanglit
    Join Date
    Mar 2020
    Posts
    19


    From the technical side, would it not be possible for the Virus Blocker to leverage SSL Inspector to scan incoming mail on arbitrary ports? I guess I don't see the difference between server-to-client traffic and server-to-server traffic, from a technical perspective. Maybe it's technically possible, but Untangle doesn't see enough market demand to spend the dev time on implementing it?

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,186


    No, because you break the POP3/IMAP session. Untangle used to do all of this... it didn't end well. The functionality you're requesting was removed for a reason, several of them in fact. Note, Untangle never used to do this on arbitrary ports, but it did work on the unencrypted POP3 / IMAP ports. Back before everything was SSL.

    I'm afraid I meant what I said, there is no way to protect email other than on the email server. The only other point of control you have is at the email client itself after it downloads the content.
    Last edited by sky-knight; 03-05-2020 at 07:16 AM.

  7. #7
    Untangle Ninja
    Join Date
    May 2008
    Posts
    1,091


    Do you have an email server inside your Untangle? Those ports seem to be used by clients, not servers?

  8. #8
    Untangle Ninja jcoehoorn's Avatar
    Join Date
    Mar 2010
    Location
    York, NE
    Posts
    1,737


    It really makes close to zero sense to run your own mail server anymore. G-Suite or O365 cost less, and give so much more, especially in the area of spam protection.
    Five time Microsoft ASP.Net MVP managing a Lenovo RD330 / E5-2420 / 16GB with Untangle 14.2.2 to protect 500Mbits for ~450 residential college students and associated staff and faculty

  9. #9
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,516


    With email encryption just about mandatory, the only effective SPAM scanning is on the mail server itself.
    Last edited by jcoffin; 03-05-2020 at 10:41 AM.

  10. #10
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,186


    Originally posted by jcoehoorn:
    "It really makes close to zero sense to run your own mail server anymore. G-Suite or O365 cost less, and give so much more, especially in the area of spam protection."

    To take this even further... there's a paranoia gap here. So say you're a small business, prosumer, or even a home user... but you're using Gmail or Outlook.com for your email services. But then you decide you don't trust it so you want to "protect" yourself with something like Untangle?

    Or worse, you're using GoDaddy POP3/IMAP email hosting, which has a sorry excuse for a security record, and lacks essentially all protections of even modern FREE email services for home users.

    So instead of fixing the trust issue at the source, and swapping out to a proper email solution... people grasp at straws trying to defend an indefensible system. It's like trying to wage war without bullets...
