Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » SendAs permission (security settings)
  •  
Karthik

Messages: 40

Karma: 0
Send a private message to this user
Hi There..

We are evaluating Kerio Connect to migrate from Exchange Server.

I would like to know if there is any restrictions that can be done so that users cannot send mails to any mail id as a different user.

For instance: i have installed outlook connector and configured MS outlook 2010 with testuser1@mydomain.com and sending mail to a gmail ID by mentioning Send from id as testmanager1@mydomain.com and the mail received to the gmail id is from testmanager1<_at_>mydomain.com.

This is a security issue and hope there is some settings to restrict this which i might have missed to set. Any help to fix this appreciated.. Smile

Thanks and Regards,
Karthik S.
  •  
tonyswu

Messages: 271
Karma: 5
Send a private message to this user
Yes, you can disable SMTP relay altogether: SMTP Server -> Relay Control
  •  
Karthik

Messages: 40

Karma: 0
Send a private message to this user
Hi, thanks for your reply..

i tried to disable SMTP relay, but still i'm able to send mail as different user.

btw, i missed to mention that i'm authenticating to my windows 2008 AD for all users, does this have any impact on the issue i'm facing..?

Thanks and Regards,
Karthik S.
  •  
manyhats

Messages: 44
Karma: 1
Send a private message to this user
I have not found anything yet inside Kerio to fix this. When you specify a fake from/sender address that mail passes through the server because it authenticates the Kerio user's account and never looks at what it is sending.
  •  
Karthik

Messages: 40

Karma: 0
Send a private message to this user
Thanks for all your replies.
Yes, i just gotta a confirmation from Kerio Connect support as follows
***
Kerio Connect does not have the ability to prevent a user from spoofing the From address. We do track requests for this feature and I have added your ticket to that feature request. Unfortunately I do not even have a workaround to offer you for this situation.
***
As this is security issue we expect this to be fixed at the earliest, atleast in the next release or update.

Thanks again all..

Thanks and Regards,
Karthik S.
  •  
Petr Dobry (Kerio)

Messages: 782
Karma: 61
Send a private message to this user
You should know that's not really a security issue in Connect. This is a design of SMTP protocol. Any email client can select anything as From: address and send it through mailserver (that's why we have so many spams on the Internet these days).

Petr Dobry
Product Development Manager | Kerio
  •  
Karthik

Messages: 40

Karma: 0
Send a private message to this user
yes, you are right, any mail client can select anything as From address.. but i hope the mail server shud be able to filter this kind of spoofing, please correct me if i'm wrong. As a exchange user i get lot of requests for providing SendAs permission to send mails on other's behalf, how do we achieve this in Connect..?

[Updated on: Tue, 27 September 2011 09:33]


Thanks and Regards,
Karthik S.
Previous Topic: Large Email KOFF - TOOOOO SLOWWW!!!!!
Next Topic: Status: 2.1.5
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Oct 17 11:22:00 CEST 2017

Total time taken to generate the page: 0.00459 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.