Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Allowing Pop3 mail through border manager
- Thread starter Daizzy
- Start date
Open up port 110; From your question I am assuming you have an internal GWIA that has POP3 enabled for users to get their mail remotly. To do this, create a custom filter exception that allows port 110 to come in and a second to respond. Be sure you have a secondary IP for the internal box if you are using NAT. Be sure to set the IP address for the internal POP server in the ingoing and outgoing filter exceptions so only the POP server can get POP traffice on port 110.
If you are running both SMTP and POP on the same box, be warned. The mail Nazis over at will label you an open relay, even if you have mail relay disabled in yor GWIA. You should build a second box to do POP to prevent this from happening. Big reason, once you get black listed it can take from 1 week to 3 months to get it cleared and get mail to flow again. There is even a NDSBL that will list you as an open relay if you are just using a DSL line for your business Internet access. There is currently a law suit on the east coast addressing this. It's becomeing an interuption to business and contacting the black lists can be very difficult, some even black list you if you just send them an e-mail to their published e-mail address to ask them for a retest to remove you from the black list, and some won't even except your e-mail because you are black listed.
It's a good idea not being implemented in a professional manor it should be (some of these guys even have posting on their home pages that read like a 15 year old punk wrote them). I wish apone these folks horrible system crashes introduced by ticked off hackers/spammer. Spam sucks, but spam is just annoying, it doesn't cause lost revenue because of lost client communication of legitamite e-mail commerce. Brent Schmidt CNE, Network +
Senior Network Engineer
provogeek@hotmail.com
East Bay, California; USA
If you are running both SMTP and POP on the same box, be warned. The mail Nazis over at will label you an open relay, even if you have mail relay disabled in yor GWIA. You should build a second box to do POP to prevent this from happening. Big reason, once you get black listed it can take from 1 week to 3 months to get it cleared and get mail to flow again. There is even a NDSBL that will list you as an open relay if you are just using a DSL line for your business Internet access. There is currently a law suit on the east coast addressing this. It's becomeing an interuption to business and contacting the black lists can be very difficult, some even black list you if you just send them an e-mail to their published e-mail address to ask them for a retest to remove you from the black list, and some won't even except your e-mail because you are black listed.
It's a good idea not being implemented in a professional manor it should be (some of these guys even have posting on their home pages that read like a 15 year old punk wrote them). I wish apone these folks horrible system crashes introduced by ticked off hackers/spammer. Spam sucks, but spam is just annoying, it doesn't cause lost revenue because of lost client communication of legitamite e-mail commerce. Brent Schmidt CNE, Network +
Senior Network Engineer
provogeek@hotmail.com
East Bay, California; USA
- Thread starter
- #3
- Thread starter
- #4
My suggestion was for users who may be at home, or on the road. The filters I told you about will let a user who attaches to their own ISP from home or hotel and get mail at work.
I now think your asking how to let users get to their personal mail from their computer at work. If this is true, then Novell built the filter you need into the default filter list. Make the source Interface all, and destiantion public. In the port, choose the default filter that should read "POP3-ST", this is port 110 in stateful mode. What this does is allow you to define only a single filter, and when a user goes to check mail, the return path is dynamicly open. This way you don't have to leave port 110 open to the out side world when it is not being used.
If you have GroupWise 5.5 EP or 6 then you can use the GW client to check POP mail, but you stated this is not what you want to do. If you do use outlook, be sure you use Outlook Express to check this e-mail. If you use the Outlook client that works with Exchange (it's the version that comes with Office also), it will molest the GroupWise settings and just be a flate out pain in the ars to deal with. Also, when your users setup Outlook express to check their personal mail, be sure to tell them to uncheck the box that deletes mail from the server when it is checked. This will help you from getting calls complaining that the e-mail they read at work is not getting to their home e-mail program. The user just doesn;t relize they deleted it from the ISP server when they checked their mail. Brent Schmidt CNE, Network +
Senior Network Engineer
provogeek@hotmail.com
East Bay, California; USA
I now think your asking how to let users get to their personal mail from their computer at work. If this is true, then Novell built the filter you need into the default filter list. Make the source Interface all, and destiantion public. In the port, choose the default filter that should read "POP3-ST", this is port 110 in stateful mode. What this does is allow you to define only a single filter, and when a user goes to check mail, the return path is dynamicly open. This way you don't have to leave port 110 open to the out side world when it is not being used.
If you have GroupWise 5.5 EP or 6 then you can use the GW client to check POP mail, but you stated this is not what you want to do. If you do use outlook, be sure you use Outlook Express to check this e-mail. If you use the Outlook client that works with Exchange (it's the version that comes with Office also), it will molest the GroupWise settings and just be a flate out pain in the ars to deal with. Also, when your users setup Outlook express to check their personal mail, be sure to tell them to uncheck the box that deletes mail from the server when it is checked. This will help you from getting calls complaining that the e-mail they read at work is not getting to their home e-mail program. The user just doesn;t relize they deleted it from the ISP server when they checked their mail. Brent Schmidt CNE, Network +
Senior Network Engineer
provogeek@hotmail.com
East Bay, California; USA
- Thread starter
- #7
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question