Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » unrate pop3 and smtp traffic after user qouta exceeded (is it possible to unrate pop3 and smtp traffic after user qouta exceeded)
  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
Each user has its own montly quote.
After qouta exceeded all internet access must be blocked excluding pop3 and smtp traffic to the internet.
Is it possible to realize and what are the tips?

Thanks in advance, BR.
  •  
enman

Messages: 17
Karma: -2
Send a private message to this user
Create a separate rule for these protocols and disable ptotocol inspector for this rule.
  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
I've done the same, it hadn't help!
  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
Is it possible to realize?
  •  
enman

Messages: 17
Karma: -2
Send a private message to this user
What I wrote is guaranteed working. Show a screenshot of the rules. If you do not like it, create a rule, in which the source is the range of LAN. Rule, which will not require authorization. But in this case, probably after the user's quota will have to finish the session at the gateway

[Updated on: Sun, 25 July 2010 07:37]

  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
Traffic rules attached.
What are your recomendations?

  • Attachment: untitled2.JPG
    (Size: 134.23KB, Downloaded 566 times)

[Updated on: Sun, 25 July 2010 09:36]

  •  
enman

Messages: 17
Karma: -2
Send a private message to this user
The first rule is incorrect, it should be below the rules for local traffic. The rule for local traffic, I would put first on the list. Disabled would be protocol inspector on this rule. Try.
  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
thank you for your response.
now made like rules at attached screenshot. still no connection via pop3 and smtp for users with exceeded qouta. users are using transparent proxy.

what's wrong or may be i've forget something?
may be any additional info required?

thanks in advance

  • Attachment: variant2.GIF
    (Size: 65.42KB, Downloaded 506 times)
  •  
enman

Messages: 17
Karma: -2
Send a private message to this user
Hm ... If the rule is disabled protocol inspector traffic on it is not counted. That should work. Place the rules so ...

1. Local Traffic - Protocol Incpector disabled
2. Mail Access - Protocol Inspector disabled
3. Internet Access - Protocol Inspector default
4. RDP Access - Protocol Inspector default
5. Service HTTP - Protocol Inspector default
6. Firewall Traffic - Protocol Inspector default

How is the authentication of users? By IP address? By name \ password when accessing the web page? To receive mail you are using e-mail clients? Such as Outlook Express?
  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
You mean I need to place rules in your listed order?
Users are authetificated using their AD logins and password. Checkbox "Always require users to be authentificated when accessing web pages" is ticked.
Mail has to be receiving using MS Outlook 2007.
  •  
enman

Messages: 17
Karma: -2
Send a private message to this user
Grozny wrote on Sun, 25 July 2010 13:47
You mean I need to place rules in your listed order?
Yes
Grozny wrote on Sun, 25 July 2010 13:47
Users are authetificated using their AD logins and password

If you force log off user session, the user can receive mail?

[Updated on: Sun, 25 July 2010 14:14]

  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
=)

Yes, after user logs off all traffic blocked excepting pop3 and smtp!

Thank you, friend!
You are really good man =)
  •  
enman

Messages: 17
Karma: -2
Send a private message to this user
If it does not work without the forced logoff user, protocol inspector on a rule for mail is better by default. Otherwise, e-mail traffic will not be counted.

Thank you. Glad to help

[Updated on: Sun, 25 July 2010 14:41]

  •  
Grozny

Messages: 8
Karma: 0
Send a private message to this user
I see. Once again thanks.
Previous Topic: web filter
Next Topic: Transport layer (TCP,UDP,ICMP) segment size limit
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Sep 26 18:27:26 CEST 2017

Total time taken to generate the page: 0.00464 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.