Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » bug in User Acces Policy (bug in User Acces Policy )
  •  
forum69

Messages: 62
Karma: -1
Send a private message to this user
Hello,


I created a new user acces policy :
1: kerio connect client : allow
2: other protocols : deny


On a client (tested on 10.8 and 10.9) with an account which was already configured using kerioconnect configurator and access rights with this new policy (server side) :

It possible to send message using Mail.app.
When opening Mail.app, the password is asked. But if cancelling the password window, it's always possible to send a message. Reception does not worked.

Kerioconnect is 8.2.2.

This specific access policy can not be deployed to already existing accounts.
  •  
Kedar

Messages: 1320
Karma: 48
Send a private message to this user
I guess the message has been sent via SMTP protocol from your Mail.app (IMAP account).

There is no rule for SMTP in User Access Policies, and if the recipient of the message is on your server, or the sender has IP address from trusted relays ranges, no authentication of user is required.

[Updated on: Tue, 08 April 2014 12:52]

  •  
forum69

Messages: 62
Karma: -1
Send a private message to this user
Thank for this fast reply.

Yes, messages were sent using the SMTP form the Mail.app using an IMAP account

The recipients are locally declared on the server as are the sender.

But using this user access policy, we should expect Mail.app being unusable, shouldn't we ?

  •  
clan

Messages: 236
Karma: 22
Send a private message to this user
forum69 wrote on Tue, 08 April 2014 12:56
But using this user access policy, we should expect Mail.app being unusable, shouldn't we ?

If you are using SMTP (port 25) for sending mail, you don't need to authenticate to send to local recipients. To block all sending without authentication the clients should be configured to use the submission service on port 587
Previous Topic: Archiving interval
Next Topic: Suppressing the old webmail access
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Sep 26 23:42:14 CEST 2017

Total time taken to generate the page: 0.00384 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.