Highlighted
Absent Member.
Absent Member.
615 views

GWIA SMTP Intruder Detection

Hi,

running GW2014 SP1 we noticed that Intruder Detection does not work, when
someone is trying to send SMTP mail using our GWIA.

Intruder Detection is enabled on the POA level. GWIA itself does offer
this option for POP3 only. But to my knowledge (based on these forums)
intruder detection *should* react on smtp accesses also. I had opened a
SR for that and the engineer confirmed my opinion, at the same time
stating, that any fix will only be made for R2, if necessary.

Therefor my questions here:
1) can anyone confirm that Intruder Detection for SMTP accesses does work
for GW2014 SP2 (not R2) or even SP1?
2) can anyone confirm that Intruder Detection for SMTP accesses does work
for GW2014 R2?

Thanks in advance!
Frank
Labels (1)
0 Likes
6 Replies
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: GWIA SMTP Intruder Detection

Hi Frank,

What kind of authentication are you using in your GroupWise system - LDAP or GroupWise? Please let us know.

Cheers,
Laura Buckley

Views/comments expressed here are entirely my own.
If you find this post helpful, please show your appreciation and click on "Like" below...
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: GWIA SMTP Intruder Detection

Hi Laura,

> What kind of authentication are you using in your GroupWise system -
> LDAP or GroupWise? Please let us know.


It's native Groupwise authentication.

Regards,
Frank
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: GWIA SMTP Intruder Detection

Hi.

Am 09.03.2016 um 10:32 schrieb Frank Langner:
> Hi,
>
> running GW2014 SP1 we noticed that Intruder Detection does not work, when
> someone is trying to send SMTP mail using our GWIA.
>
> Intruder Detection is enabled on the POA level.



Possibly stupid question: Does it work at all? Aka have you verified it
works for failed logins from the GW client or Webaccess?

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: GWIA SMTP Intruder Detection

Hi,

> Possibly stupid question: Does it work at all? Aka have you verified it
> works for failed logins from the GW client or Webaccess?


yes, it works for GW Client as well as WebAccess, whereas to my knowledge
WebAccess implements its own mechanism (an account locked by WebAccess
can not be unlocked within the GW Administration).

Regards,
Frank
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: GWIA SMTP Intruder Detection

Massimo,

can you confirm that this kind of intruder lockout (by SMTP access) *is*
supposed to work on 2014.0.2? Or on 2014 R2?

Regards,
Frank
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: GWIA SMTP Intruder Detection

Am 14.03.2016 um 16:42 schrieb Frank Langner:
> Massimo,
>
> can you confirm that this kind of intruder lockout (by SMTP access) *is*
> supposed to work on 2014.0.2? Or on 2014 R2?


Sorry for the late reply.

It is absolutely supposed to work, considering that there is no
different. To the POA, it doesn't (shouldn't) matter what type of
"client" connects to it. And GWIA is just another client for the POA. It
can distinguish it technically from others like webacess r the full
featured windows client, but it should by no means behave differently,
hence I'm surprised.

I haven't had the time so far to test it myself however. 😞

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de
CU,
--
Massimo Rosen
Micro Focus Knowledge Partner
No emails please!
http://www.cfc-it.de
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.