Search Results

Search found 467 results on 19 pages for 'outbound'.

Page 12/19 | < Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19 | Next Page >

Steps to make sure network is not blacklisted...Again

- by msindle

I have an interesting issue. I have a client that just got blacklisted due to spam being sent out over the last 2 days. I have my firewall configured to only allow mail to go outbound on port 25 from our mail server (Exchange 2010) exclusively and I have verified that there are no open relay's on our transport rules. We are running Vipre Business and after running deep scans with updated definitions all computers come back clean. I ran a message tracking report on our Exchange server that shows all mail sent via the mail server over the last couple of weeks and didn't see anything malicious or out of the ordinary. I have also verified that there are no home devices or rouge computers on the network. For all practical purposes it appears that the network is clean, but we still wound up on 5 or 6 blacklists...Where should I start looking next? Is there a "best practices" guide that can help eradicate this issue? Thanks in advance! msindle

Read the article
IPSec on Domain Controllers and Trusted Domains

- by OneLogicalMyth

I am looking at configuring IPSec as follows: Isolation Request authentication for inbound and outbound connections Computer and user (Kerberos V5) I am looking to do a blanket deployment across all servers and domain controllers. Workstations I will leave as not set. What impact in terms of the domain controllers with the 2-way forest trust do think I would see? Should I exclude the IP addresses of the trusted domain controllers? I don't want to stop communication between the current and trusted forest, however I do want IPsec to be used within the current forest on all servers. The trusted forest is running 2008 R2 and the current forest is 2012 R2.

Read the article
Set ReturnPath globally in Postfix

- by Gaia

I have Magento using Sendmail and Wordpress using PHPmailer to send webapp-generated mail. Occasionally, someone will enter their email address incorrectly and the mail (let's say, a purchase receipt) will bounce back to the return-path specified by the script. I dont want to set the return path for each vhost, especially because it is not easily done. Ideally, WP would use the address of the blog admin and Magento would use one of the numerous email fields specified, but they default to using username@machinename (in my case, username is the system user and machinename is a FQDN, but it is not the same as the actual vhost FQDN). The result is that bounced mail returns to the server and, since the server is used only for outbound SMTP, the messages sit there, undelivered and worse, unread. I'm Postfix 2.6.6 on CentOS 6.3, is it possible to globally force a specific returnpath for all messages sent via PHP on the server?

Read the article
Is there a way to set up message moderation in Exchange 2007?

- by Nate Pinchot

Is there a way to get a feature in Exchange 2007 similar to message moderation in Exchange 2010 through the use of third party tools or otherwise? I've Googled things like "exchange 2007 outbound email approval" to no avail. We are working on getting Exchange 2010 implemented but I need an interim solution if at all possible. The reason for this is from a customer service perspective. I am willing to use a small process to be a smart host if needed. I would appreciate any suggestions or advice. Edit: My apologies, I should have been more clear that I am trying to moderate/approve outgoing email from certain users, not moderate/approve email sent to a distribution group.

Read the article
Cisco NAT + IPSec + Web Server Configuration Question

- by zagman76

Hello - I currently have a Cisco 881W, and it is configured with one of our static IPs to do basic NAT for the network. We also have a web server that needs it's own IP. I configured the NAT for the 2nd IP, however now traffic through our IPSec VPN doesn't route to the web server properly (well, it routes to the internet, rather than through the Tunnel). I followed the instructions here: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml But now the outbound NAT doesn't seem to be working properly - it keeps going to the NAT of the Cisco, and not the designated IP address. If anyone can assist, I would appreciate it greatly. Let me know what you need, and I'll get it to you! Thanks!

Read the article
Limit number of simultaneous connections squid makes to a single server

- by Ben Voigt

Note: I am asking about outbound concurrent connection limits, not inbound, which is sufficiently covered on existing questions Modern browsers typically open a large number of simultaneous connections, to take advantage of the fact that TCP fairly shares bandwidth between connections. Of course, this doesn't result in fair sharing between users, so some servers have started penalizing hosts which open too many connections. This limit can be configured client-side (e.g. IE MaxConnectionsPerServer, Firefox network.http.max-connections-per-server), but the method differs for each browser and version, and many users aren't competent to adjust it themselves. So we turn to a squid transparent HTTP proxy for central management of HTTP download. How can the number of simultaneous connections from squid to a remote webserver be limited, so the webserver doesn't perceive it as abuse of concurrent connections? Ideally the limit would be per source address. Squid should accept virtually unlimited concurrent requests from the client browser, and issue them sequentially to the remote server, only N at a time, delaying (but not dropping) the others.

Read the article
How can i access windows XP remote desktop on private IP from internet?

- by Jennie

So the machine is behind a DSL router on a private IP so that it can not receive inbound requests. I want to know: Is there anyway to setup the router NAT (i highly doubt it supports one to one port mapping) without disturbing other users on the same router. I have another machine on internet which has public IP on it without any firewall. Can i use this machine as a relay server so that to initiate the connection, the XP machine send an outbound request and this relay server makes my connection through and then i can access my machine on pvt ip without any problem. Please tell??

Read the article
Apt Stalls When Using HTTP Sources

- by UltraNurd

I was getting some to me inexplicable behavior from apt-get/aptitude on an admittedly crusty old webserver. While it was otherwise running fine, as soon as I tried a package upgrade, after a downloading a few updates it would stall completely, then my SSH session hung (and I was unable to reconnect), thus requiring a hard restart. First, I switched to a different package source in /etc/apt/sources.list, but still got the same behavior. At this point I was assuming the NIC was dying in some weird way... but as soon as I changed the package source to use FTP instead of HTTP, everything worked fine, and I was able to upgrade. For now I'm not too concerned since I have an easy work around, but it implies that there's something very weird with my network setup, since it seems to be protocol (or port?) specific. I didn't think any of my NAT setup would affect outbound traffic, but I could be crazy. Any ideas what I should try to look for?

Read the article
Tunneling HTTPS traffic via a PUTTY/SSL tunnel with SOCKS

- by ripper234

I have configured a SOCKS ssh tunnel to a remote proxy, and set my Firefox to use localhost:<port> as a SOCKS proxy. My intention is to tunnel outgoing HTTP/S connections from my machine via a specific 3rd party server I own (on AWS). In my testing, HTTP UTLs are forwarded properly (e.g. when I access http://jsonip.com/ from my computer I do get the server's IP) However, whenever I try to reach an HTTPS address, I get this error: The proxy server is refusing connections How do I debug/fix it? My PUTTY tunnel config is simply (some random source port number + dynamic checked): P.S. I'm aware I might need to manually accept SSL certificates. The reason I'm doing this is to resolve problems using gmail as an outbound SMTP service.

Read the article
rsync server side limit bandwidth/connection

- by c2h2

In a VOIP application, I have upto 3000 clients rsync audio files from there linux server in a daily, server is placed at a data center (10Mbps in/out bound), the server works as a VOIP sip server running FreeSWITCH (low ping latency should be ensured.) Therefore I would like to have server side control of rsync which controls: Limit total outbound bandwidth. Limit total number of connections. (Reject clients while at max number of connection and let it retry after a specific time frame.) OPTIONAL: list/kill individual connections. Normally I would use ssh + rsync + pem_keys with some extra options, but above requirements are not feasible by simple command lines. Can anyone point me some direction. or show some scripts/tools? I would also probably integrate them and release on github. Thanks!

Read the article
SOCKS Proxy and HTTP Proxy considerations with push notifications

- by J.Ashworth

I'm working with push notifications in a mobile application, and I've been informed that a lot of our clients may be using SOCKS or HTTP proxies for outbound and inbound traffic. Is there anything in particular I need to program or document with regards to deploying our mobile app in this sort of environment? If you were setting up and installing the application server, what guarantees would you want from the person that had programmed it? Specifically regarding push notification services for all four major OSes (APNS, GCM, BPS and MPNS). I've got absolutely no experience with proxies or server deployment, in case you couldn't tell :)

Read the article
DD-WRT Router Can't hold a connection after initial setup...

- by AC

Struggeling with my new DDWRT router (Buffalo WZR-HP-G300NH) configuration. I configured it using one machine while comparing the settings on my existing Linksys WRT54GL on another machine. To the best of my knowledge, I've set it up the same way as my Linksys, but DDWRT has so many other options. After configuring it, I plugged it into the modem, VOIP device & my network. I see the phones come back online. However after a few minutes, it seems I lose the outbound connection (phones die and I can't get out over HTTP). What's confusing me is it works for a few minutes, then it fails. No idea what to look for. Ideas?

Read the article
route to vpn based on destination

- by inquam

I have a VPN connection on a Windows 7 machine. It's set up to connect to a server in US. Is it possible, and if so how, to setup so that .com destinations uses the vpn interface and .se destinations uses the "normal" connection? Edit (clarification): This is for outbound connections. I.e. the machine conencts to a server on foo.com and uses the VPN and the machine connects to bar.se and uses the "normal" interface. Let's say foo.com has an IP filter that ensures users are located in USA, if I go through the VPN I get a US ip and everything is fine. But tif all traffic goes this way the bar.se server that has a IP filter ensuring users are in Sweden will complain. So I want to route the traffic depending on server location. US servers through VPN and others through the normal interface.

Read the article
How do I stop someone from saturating my line & wasting CPU cycles

- by JoshRibs

My web host shows inbound & outbound traffic with mrtg. I have a steady 3.5mbps inbound traffic from Nigeria. Even assuming the source IPs & destination ports are blocked with Iptables & verifying nothing is listening on those ports, will the traffic still always pass through the switch & "get" to my server (where my server wastes CPU cycles "dropping" the packets)? Assuming I was setup with a hardware firewall, the traffic would still show in mrtg assuming the firewall is behind the switch? So is there any way to stop someone from saturating your 100mbps line, if they also have a 100mbps line? Other than filing an abuse complaint with the kind folks in Nigeria?

Read the article
Windows 2008 - Define IP Order by port or service

- by Josh

I have a Windows 2008 server that has three IP bound to the NIC. I can select which IP Windows SMTP listens to, but I want to also set the IP address used when mail is sent. Where would I set which outbound IP to use when sending email? Without using real IPs, here is an example what I have setup. Three IPs associated with the server: 10.0.0.1 10.0.0.2 10.0.0.3 I setup the binding on 10.0.0.2 for port 25 in the SMTP server settings, so that it is the only IP that will respond for inbound. When I look at the email header from an email sent from that server, it lists the server with an address of 10.0.0.3. I would like it to use 10.0.0.2 so that when reverse DNS is performed, it maps back correctly.

Read the article
Opening firewall to incoming port 443

- by jrdioko

I recently set up the ufw firewall on a Linux machine so that outgoing connections are allowed, incoming connections are denied, and denied connections are logged. This seems to work fine for most cases, but I see many denied connections that are incoming on port 443 (many with IPs associated with Facebook). I can open that port to incoming connections, but first wanted to ask what these could be. Shouldn't HTTPS requests be initiated by me and be treated as outbound, not inbound connections? Is it typical to open incoming port 443 on consumer firewalls?

Read the article
Using iptables to block ALL outgoing traffic from one NIC?

- by edanfalls

Hi, I must pretty bad at Googling as this seems like a very basic question but I can't seem to find the answer anywhere... and man iptables is a very long read! I have two NICs - eth0 and eth1 - on a linux box and I want to block ALL outbound traffic (TCP and UDP across all ports) from one of the NICs, so that no traffic makes its way back up to the router. What is the command for this? I have only seen examples with specific ports. Thanks in advance.

Read the article
How secure is using "Normal password" for SMTP with connection type = STARTTLS?

- by harshath.jr

I'm using an email client for the first time - for the most part I've always used gmail via the web interface. Now I'm setting up thunderbird to connect to an email server of my own (on my own server, own domain name, etc). The server machine (and the email server on it) was preconfigured for me. Now i figured out away by which I'm able to send and receive email, but I noticed that in the outgoing and incoming servers section, the connection type was STARTTLS (and not SSL/TLS), and the Authentication Type was "Normal Password". Does this mean that the password will be sent across in plain text? I'm very paranoid about security - its the only way that it works for me. Can someone please post links that explain how SMTP (my outbound server) and IMAP (my inbound server) servers work, and what connection type means what? Thanks! PS: If this question does not belong here, please redirect me.

Read the article
Micrsoft fax server not seeing new modem

- by Tim Meers

I recently added a new modem (a plain ol consumer grade one) to a fax server thats been up and running for years running on Microsoft Server 2003 fax services. The server currently has two modems, the new one is identical to one of the existing. After installing the new modem it showed up in the Fax Server Manager as a device but was not doing outbound faxes. (The server by default does not handle incoming.) So after a reboot the server no loger sees the modem in the Fax Server Manager but is listed as a device in device manager. I've attempted to restart just the fax service and even the whole box again but to no avail. Any one have any ideas on this one? Or any one with good links to resources for the fax service?

Read the article
Restricting output to only allow localhost using iptables

- by Dave Forgac

I would like to restrict outbound traffic to only localhost using iptables. I already have a default DROP policy on OUTPUT and a rule REJECTing all traffic. I need to add a rule above that in the OUTPUT chain. I have seen a couple different examples for this type of rule, the most common being: -A OUTPUT -o lo -j ACCEPT and -A OUTPUT -o lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT Is there any reason to use the latter rather than the former? Can packets on lo have an address other than 127.0.0.1?

Read the article
Setting up a transparent proxy with only one box.

- by Scott Chamberlain

I am playing around with transparent proxies, unfortunately I do not have two machines to test it out with. The current way I am doing things is the program makes a request to a computer on port 80, I use iptables -t nat -A OUTPUT -p tcp --destination-port 80 -j REDIRECT --to-port 1234 to redirect to my proxy that I am playing with. the proxy will send out a request to port 81 (as all outbound port 80 are being fed back in to the proxy so I want to do something like iptables -t nat -A OUTPUT -p tcp --destination-port 81 -j DNAT --to-destination xxxx:80 The problem lies with the xxxx part. How do I change the destination port without changing changing the destination ip? Or am I doing this setup completely wrong, I am learning after all and constructive criticism is definitely appreciated. The machine I am using is pretty low end so I would like not not have to create a VM with a second box unless absolutely necessary.

Read the article
Outlook 2010 and Exchange 2003

- by user69644

We've had some issues with a user who has upgraded to Outlook 2010 and attached to an internal Exchange 2003 SP2 server. They get errors more or less saying cannot send, contact your administrator and then a long error string whenever attempting to send. They receive just fine - but can't get any outbound flow. We recreate the users profile on another Windows 7 machine with Outlook 2010 and it worked fine. Concerned this might be an issue that rears it's ugly head later or at some random time. We noted some KB docs about the issue recommending registry changes - we've reviewed and ensure these changes were made and still have the issue on the one machine. Any thoughts?

Read the article
Where does traffic shaping typically take place?

- by eekmeter

As part of upgrading our network infrastructure we are looking to traffic shape our bandwidth since we only have about 3Mb down / 1 Mb up. We're looking to prioritize it so that web browsing gets priority and in the future some VOIP might be added in as well. Internal LAN traffic doesn't need to be controlled just our outbound connection. I've been looking at Cisco hardware and it seems that several of their products do shaping at the core switch, firewall, and router level. I'm wondering where does shaping normally take place? Is it normally done at the router, core switch, or firewall?

Read the article
How can I prevent OpenVPN Client from blocking inbound connections while a tunnel is connected?

- by joshudson

We have this machine that we RDP into for using OpenVPN. When a tunnel is connected, it is not possible to RDP into the machine. Should we get disconnected, this is a problem (machine is headless). How can I stop OpenVPN from blocking inbound RDP? I do not have access to the server configuration. If there's anything interesting on the client to check you'll have to tell me how to get at it. I eliminated the possibility of routing issue before asking the question. Only inbound connections cannot be opened. Outbound connections to LAN can be opened just fine. EDIT: Don't bother answering. The problem disappeared without any known changes being made.

Read the article
reverse-proxy web access on a server where only SSH is allowed

- by Kaii

Every once in a while i have to connect to a server where access is highly restricted. Only inbound SSH is allowed by the DMZ firewall - outbound HTTP connections are blocked. I'm looking for a good way to tunnel web access through my SSH session, so i can install updates and software via yum / apt-get. What do you do in such a situation? SSH has the -D <port> SOCKS proxy option. But unfortunately it is one-way only from client to server and there is no reverse option.

Read the article

< Previous Page | 8 9 10 11 12 13 14 15 16 17 18 19 | Next Page >