In some cases spambots may use a technique where the "SMTP From:" is
different from "Sender" to mask the spoofed messages. See the example
of SMTP session:
220 127.0.0.1 ESMTP IceWarp 10.4.5; Thu, 04 Apr 2013 09:59:04 +0200
helo mail.yourdomain.com
...
IceWarp Webclient Dual Auth
[https://esupport.icewarp.com/index.php?/Knowledgebase/Article/View/561/0/dual-authentication-in-webclient]
Certificator was written to automatically create client p12 password
encrypted certificates for webclient dual authenti...
In case you are using lot mailing lists with expected frequent change
of subscribers amount, following scenario might be helpfull for you.
Its written for separate mysql database called e.g. mailing_lists with
two tables, first table ml_addr is for storin...
Major vulnerability CVE-2014-0160 has been discovered in the
open-source OpenSSL library
[https://www.openssl.org/news/secadv_20140407.txt] TLS extension,
which allows attackers to obtain server private keys, and thus decrypt
sensitive data in SSL communi...
Backscatter has become increasingly harmful because many servers are
now listening and querying backscatter lists before accepting email.
With this now being seen and becoming more common place it is up to
administrators to do what they can to prevent ...
GENERAL REQUIREMENTS
Make sure that all web server extensions are set to FASTCGI in ICEWARP
ADMINISTRATION CONSOLE - WEB - DEFAULT - SCRIPTING.
UPGRADING MSSQL SETUP
1. It is necesary to configure both instances of MICROSOFT DATA ACCESS
(64-bit and ...
There are few things which are important when configuring ICEWARP VOIP
service which covers features like ONLINE CONFERENCING, WEBPHONE and
all the related ICEWARP VOIP features.
1) VOIP ports _5060_ and _5061(SSL)_ should be open on the firewall
(it is...
Dual authentication is new feature for better security of your
server-client connection.
It is very usefull if you want to protect your mail server from
unauthorised access to your webclient, EAS account or other client
without special client pkcs12 cer...
WITH VERSION 11.4.1 THIRD PARTY CERTIFICATES HAVE TO BE MERGED
MANUALLY.
Open the IceWarp Console.
Go to System > Certificates > Server Certificates > Add/Create.
Select Request Authority Certificate.
Complete the wizard using the required informa...
DIRECTORY SYNC - FILTER TO SYNC ONLY OBJECTS MARKED WITH AN ATTRIBUTE
An administrator may want to bring in objects from AD, regardless of
what OU they are stored in. You can add an attribute to the required
accounts in AD, and use a filter to define wh...
When adding the LDAP server to Outlook follow the steps below.
1. Enter the server name.
2. Check the box This server requires me to log on.
3. Fill in the Username: cn=admin and password from the sldap.conf
file. Note: Icewarp does not require SPA ...
For MySQL and MariaDB databases, it is recommended to use the InnoDB
engine (or XtraDb for MariaDB). It is NOT recommended to use the
MyISAM engine.
INNODB:
* ROW-LEVEL LOCKING. Having a more fine grained locking-mechanism
gives you higher concurren...
THE FOLLOWING MUST BE DONE ON BOTH THE DOMAIN CONTROLLER AND ICEWARP
SERVER:
* create type A record in your DNS for the URL of webmail (i.e.
mail.xmigrator.com)
* create a "link" user in ActiveDirectory (AD) - it must be located
under _Users_ conta...
Regarding the OpenSSL vulnerability issues covered by Security Alert
(A15-06-04) [http://www.govcert.gov.hk/en/A15-06-04.html] please
upgrade openssl libraries in your system. In order to that follow the
procedure described further below.
AFECTED SYSTEM...
To export all blacklisted addresses from your database via IceWarp
Server Administration console:
1) connect the integrated SQL Manager with your Anti-Spam database
2) write your appropriet query:
_SELECT * FROM SENDERS WHERE SNDAUTHORIZED = 0_
_(...
To filter which users has activated or deactivated services in IceWarp
Server Administration Console under Domains & Acounts- users -
policies tab you can follow bellow suggested example of sql query in
IceWarp integrated SQL Manager or tool command.
If...
Following article is about generating user certificates for signing or
encryption emails of user on your mail server. If you will create your
own CA authority, you can import them to users web browser and use as
dual authentication
[https://esupport.icewa...
A major vulnerability named POODLE has been discovered in the
open-source OpenSSL library, a common workaround used in many current
internet browsers. When there's a connection error during SSL session
the browser falls back to one of the old versions of ...
SYMPTOMS:
You have installed Windows 2003 SP2 32-bit version and during
installation process of IceWarp server you'll get this error message:
"The digital signature verification failed. Please make sure you have
the complete executable."
CAUSE:
Inst...
IceWarp Server 11.1.2 addresses a critical security vulnerability in
WebClient.
SECURITY ADVISORY
In our continued efforts to keep our products on the highest security
level, IceWarp regularly scans for vulnerabilities and exploits both
internally and...
Installation of version 11.1.0.x is sometimes not allowed by the
operating system. The problem is caused by one a package wkhtmltox
which has not been digitally signed. In that case you will see the
error message like this:
_Package wkhtmltox-0.12.2-6a1...
OpenSSL advisory posted June 5th lists multiple OpenSSL
vulnerabilities which have been addressed in OpenSSL 1.0.1h. Customers
are advised to download and upgrade to the latest version of IceWarp,
which includes includes OpenSSL 1.0.1h starting from ICEWA...
In version 10 there was an addition called SmartAttach. This feature
allows users to send attachments up to 2GB in size. This is done by
stripping the attachment and caching this in the GroupWare database
and placing a hyperlink into the message for recip...
Dropbox Integration
With the release of version 11 of the IceWarp Messaging Server
customers will now have the ability to retrieve and send files from
their existing Dropbox account. When composing a message in the
WebClient all users will be allowe...
In version 11 on the newly designed WebClient interface there is a
new option for users to contact the administrator. Administrators have
control to hide this option if they wish. If they allow it then users
will be able to send the administrator of th...
GOOGLE CHROME
1. Click the icon left to the adress in navigation bar
2. Select _\"NOTIFICATIONS\"_
3. Choose _\"ALWAYS ALLOW ON THIS SITE\"_
MOZILLA FIREFOX
1. Click the icon left to the adress in navigation bar
2. Click _\"MORE INFOR...
We have discovered that KASPERSKY changed the antivirus engine and
does not respect the old engine when pushing new updates to ICEWARP
SERVER.
This may lead to conflicts between the update data and the old engine
which can cause the SMTP module to s...
\N\NHOW TO RUN IIS AND ICEWARP ON THE SAME SERVER\N\N
Starting with version 10.1.2, the default port for Web service is 80
(HTTP) and 443 (HTTPS).
These ports are the same as Microsoft's Internet Information Service
(IIS) is using. If you have only ...
We have been recently reported about vulnerabilities in ICEWARP
SERVER 10.4.5. There have been 2 types of potential issues: 1. the
more problematic one (but quite difficult to misuse) in html/rpc
scripts - potential attacker may get content of a file o...
Please follow this workaround in the case if the installation process
hangs on creation of DIRECTORY CACHE database. Unfortunately, there is
a conception problem with upgrades from older versions, because of
changes in DB.DLL.DIRECTORY CACHE is populat...
First of all, before starting migration process it is needed to read
the guide on our website
(http://dl.icewarp.com/documentation/server/tools/IceWarp_Migrator_Guide.pdf
[http://dl.icewarp.com/documentation/server/tools/IceWarp_Migrator_Guide.pdf])
by th...
It's not possible to use the Icewarp backup tool and have the name
changed automatically for database backups. This means that each
backup will overwrite the last.
The backup of the Icewarp configuration however allows you to to name
the backup zip file...
