Search found 325 matches

by prisma
2024-01-29 18:44
Forum: General discussions
Topic: GData Virus scan implementation based on WHS 2011 example
Replies: 8
Views: 7168

Re: GData Virus scan implementation based on WHS 2011 example

FYI: Obviously, GDATA has understood the importance of exit codes. Especially regarding command line programs which are used for batch jobs. So the solution, as of this writing, is quite simple: "C:\Program Files (x86)\G Data\AVKClient\avkcmd.exe" /scan(e0a0): "%FILE%" /silent /nologo Exit code to c...
by prisma
2022-01-18 11:06
Forum: Development & alpha discussions
Topic: Removing x86 support in 5.7
Replies: 39
Views: 42553

Re: Removing x86 support in 5.7

Oh, and Hmailadmin.exe works for me on HyperV Server Core versions For us too, since years. First 2008core, now 2019core. Therefore, I wrote "improved support needed", not "support needed". We had only problems with filling some edits (as far as I can remember within backup configuration, maybe els...
by prisma
2022-01-17 10:55
Forum: Development & alpha discussions
Topic: Removing x86 support in 5.7
Replies: 39
Views: 42553

Re: Removing x86 support in 5.7

The source is on github By the way, only because you brought it up, this: https://github.com/hmailserver/hmailserver/issues/303 was the only thing, beside security fixes, I hoped being improved in 5.7. I just wanted to be able to type paths by hand in an (existing) edit field when no file picker ex...
by prisma
2022-01-14 13:00
Forum: Development & alpha discussions
Topic: Removing x86 support in 5.7
Replies: 39
Views: 42553

Re: Removing x86 support in 5.7

And I know, it's open source and free to use. Why do I cry?
But I'd rather pay a (OK, small but) appropriate amount for it, every month or year or one time per update, however, than having a freezed product.
by prisma
2022-01-14 12:03
Forum: Development & alpha discussions
Topic: Removing x86 support in 5.7
Replies: 39
Views: 42553

Re: Removing x86 support in 5.7

THIS IS AN ALPHA version Thanks, I know. But When/where/why not there's at least a beta, rc or better release? Years of alpha... Don't get me wrong, I love hmail, such a good piece of software... But dead. At least from the agility point of view. And agility is needed for security. If I could run h...
by prisma
2022-01-14 11:17
Forum: General discussions
Topic: Mysterious problem while integrating a single hmail account with AD
Replies: 3
Views: 942

Re: Mysterious problem while integrating a single hmail account with AD

Is the computer domain joined? HMS uses win32 api logonuser() function to validate creds. Iifc account must have local interactive login priv (ie member of appropriate machine local group or directly assigned priv. Yes, and the user is in the same group as any other (working) user. But the informat...
by prisma
2022-01-13 19:13
Forum: General discussions
Topic: Mysterious problem while integrating a single hmail account with AD
Replies: 3
Views: 942

Mysterious problem while integrating a single hmail account with AD

Hello, I have a mysterious problem while integrating a single hmail account with AD. Other accounts work fine, meaning they have been integrated without any difficulty. We checked and tested user's credentials against AD directly. All other users are able to authenticate against AD via hmail. I foun...
by prisma
2022-01-13 13:19
Forum: Development & alpha discussions
Topic: Removing x86 support in 5.7
Replies: 39
Views: 42553

Re: Removing x86 support in 5.7

but 7 and 8.1 (If you fix the crappy GUI) work fine, and are the only alternatives to Windows 10. Maybe I'll sound like a tinfoil hat wearer, but I'll never trust Windows 10. Sorry for that late reply, have seen this post by chance, which appears more like hijacking than answering ... But: For this...
by prisma
2021-05-04 17:04
Forum: User-submitted tutorials
Topic: HOW TO run Clamwin and have a ClamAV system SERVICE
Replies: 257
Views: 589499

Re: HOW TO run Clamwin and have a ClamAV system SERVICE

This method? Signatures seems to be offered over https:// as well, simply replace http:// with https:// :mrgreen: Yes, this method. Was to lazy to try it myself while writing. But thank you for the test. *thumbsup* EDIT: No, https is not working. Not for us: WARNING: Download failed (60) WARNING: M...
by prisma
2021-05-04 15:34
Forum: User-submitted tutorials
Topic: HOW TO run Clamwin and have a ClamAV system SERVICE
Replies: 257
Views: 589499

Re: HOW TO run Clamwin and have a ClamAV system SERVICE

This method? Signatures seems to be offered over https:// as well, simply replace http:// with https:// :mrgreen: Yes, this method. Was to lazy to try it myself while writing. But thank you for the test. *thumbsup* By the way, is this a good source for spamd binaries? https://www.jam-software.de/sp...
by prisma
2021-05-04 10:12
Forum: User-submitted tutorials
Topic: HOW TO run Clamwin and have a ClamAV system SERVICE
Replies: 257
Views: 589499

Re: HOW TO run Clamwin and have a ClamAV system SERVICE

Clam is useless +++ without the SaneSecurity definitions I use CLam (on my Linux box) as part of my spamassassin tests, and score for stuff found by SaneSecurity, and little if anything else Yesterday I included SaneSecurity DatabaseCustomURLs mentioned above for testing purposes. Worked smoothly. ...
by prisma
2021-05-03 16:56
Forum: User-submitted tutorials
Topic: HOW TO run Clamwin and have a ClamAV system SERVICE
Replies: 257
Views: 589499

Re: HOW TO run Clamwin and have a ClamAV system SERVICE

All true. But the very first post spells that out. :D Seen that, but Cisco calls its product clamAV, not clamWin. The OP tells us clamAV has a service part. Can't confirm that. Here I got the binaries from: https://www.clamav.net/ However, clam seems to be pretty useless without Sane Security defin...
by prisma
2021-05-03 14:43
Forum: User-submitted tutorials
Topic: HOW TO run Clamwin and have a ClamAV system SERVICE
Replies: 257
Views: 589499

Re: HOW TO run Clamwin and have a ClamAV system SERVICE

Well... News travel fast eh? :mrgreen: We've been running ClamAV for years with a stone old daemonizable build, so no need to get new info. :wink: Maybe it was called ClamWin, maybe not. There are dozens of flavours and forks, mingGW dependend and not. Who shall understand or remember this chaos ov...
by prisma
2021-05-03 13:20
Forum: User-submitted tutorials
Topic: HOW TO run Clamwin and have a ClamAV system SERVICE
Replies: 257
Views: 589499

Re: HOW TO run Clamwin and have a ClamAV system SERVICE

Hello, sorry for asking again the OP question. This thread is so huge, it's hard to extract the main answer. And, first of all, from what I have understood from reading, the answer strongly depends on which ClamAV flavour is used. Following internet information I found, I understood that ClamAV was ...
by prisma
2019-09-25 13:44
Forum: Development & alpha discussions
Topic: Removing x86 support in 5.7
Replies: 39
Views: 42553

Re: Removing x86 support in 5.7

Let me annotate that the support for server 2008 (that last 32-bit server) ends also at 14/01/2020 (and that's for professional environments more important than desktop OSs). So, it's absolutely OK to end x86 support in 5.7. BUT some things: There is no .net 3.5/2.0 core package to install in Server...
by prisma
2019-01-22 13:45
Forum: Feature requests
Topic: LUA-Scripting integration
Replies: 3
Views: 10146

Re: LUA-Scripting integration

No, it's not strange. Powershell is perfectly structured, flexible and extensible. Love powershell!
by prisma
2018-11-15 12:11
Forum: Off-topic discussions
Topic: hMailServer - Github Fork and Contributionanalysis
Replies: 4
Views: 6018

Re: hMailServer - Github Fork and Contributionanalysis

Good work! THX a lot.

Hmmm, which knowledge (actions?) can we derive from it? I'm personally not sure, that's why I'm asking.
by prisma
2018-10-11 13:59
Forum: Development & alpha discussions
Topic: LibreSSL built of hMailServer 5.6.8 avaiable (request for testing)
Replies: 13
Views: 10925

Re: LibreSSL built of hMailServer 5.6.8 avaiable (request for testing)

@dravion: the question is not whether your work is necessary or not. Of course it is, I think your analysis helps Martin to decide. If he runs better with libreSSL, here we go (or he should :D ). The basic question is more like: Is it realistic to wait for any kind of improvements in general? Especi...
by prisma
2018-10-11 11:20
Forum: Development & alpha discussions
Topic: LibreSSL built of hMailServer 5.6.8 avaiable (request for testing)
Replies: 13
Views: 10925

Re: LibreSSL built of hMailServer 5.6.8 avaiable (request for testing)

Please let me annotate following: What does Martin say to those trends? OK, core development is slow. But to be honest, for us, hmailserver works pretty perfect and the bug list is rather short in relation to other projects. openSSL 1.0.2.x is supported until 31.12.2019 from what I read. Let's give ...
by prisma
2018-06-21 11:49
Forum: Off-topic discussions
Topic: Force close remotely opened network file handle
Replies: 2
Views: 4198

Re: Force close remotely opened network file handle

THX for info Matt. So, the questions goes to the rest of the highly revered audience:

Did anybody ever find a solution for reliably closing remotely opened network file handles?
E.g. for renaming a remotely crashed EXE during a update process on the server.
by prisma
2018-06-21 11:15
Forum: Off-topic discussions
Topic: Force close remotely opened network file handle
Replies: 2
Views: 4198

Force close remotely opened network file handle

Hey Matt, Are you that guy? https://stackoverflow.com/users/833960/mattg Seems that you had a similar problem like we have at the moment. Did you really ended up in utilizing psexec? Openfiles did never help? https://stackoverflow.com/questions/10780276/windows-can-not-force-close-network-file-handl...
by prisma
2018-03-02 16:09
Forum: Development & alpha discussions
Topic: REQUEST: Allow Users to edit their own rules
Replies: 5
Views: 6048

REQUEST: Allow Users to edit their own rules

Hello, one design problem of the old and the new webfrontend is, that users aren't able to edit their own rules. I assume, this is based on source code restrictions and not changeable because PHP only utilizes COM. Anyway, then let's change the sourcecode. If normal "Users" should be always able to ...
by prisma
2017-11-08 12:57
Forum: User-submitted tutorials
Topic: HOW TO encrypt all incoming email
Replies: 7
Views: 9973

Re: HOW TO encrypt all incoming email

Hi, I agree. The way jacko wants to achieve security does not make many sense. From what I understood from the script, the mailserver has knowledge about the private gnupg key of the user. Or am I wrong? This would break security. If a mail user want to have end-to-end security, he should handle his...
by prisma
2017-10-24 15:32
Forum: Off-topic discussions
Topic: Funny read: MySQL/MariaDB vs. PostgreSQL Datahandling
Replies: 8
Views: 9080

Re: Funny read: MySQL/MariaDB vs. PostgreSQL Datahandling

We use PostgreSQL with roundabout 600 installations at customers side. We are impressed how robust the WAL tactic of postgres is. Our customers have from time to time very unstable systems, corrupt file systems and so on. We never had any bigger data losses and postgres was evry time repairable or w...
by prisma
2017-06-27 10:47
Forum: Development & alpha discussions
Topic: version 5.6.7 - Build 2407 / 64bit installation
Replies: 6
Views: 12137

Re: version 5.6.7 - Build 2407 / 64bit installation

Brrrr, ruhig Brauner! So schnell mahlen die Mühlen hier (leider) nicht :)

Also an Deiner stelle würde ich nicht auf die stabile 64bit Version warten. Schau dir einfach mal die Releasezyklen an. Das kann noch 2 Jahre dauern bis die kommt. Pessimisten würden sagen 20 ;) *kidding*

Grüße!
by prisma
2017-05-24 13:32
Forum: General discussions
Topic: Moving Hmail to new machine
Replies: 6
Views: 5288

Re: Moving Hmail to new machine

If you use a newer hmailserver version, you should completely remove absolute file paths instead of updating to new absolute paths. The path to messages is taken from the INI.
Search this forum, there should be examples for SQL queries.
by prisma
2017-05-24 13:24
Forum: Off-topic discussions
Topic: Win10 "S" - Windows store only Apps
Replies: 2
Views: 4142

Re: Win10 "S" - Windows store only Apps

The pinky, the pinky and the brain, brain, brain, brain...
by prisma
2017-05-17 13:19
Forum: Development & alpha discussions
Topic: Ideas to increase administrative security / privacy
Replies: 8
Views: 7947

Re: Ideas to increase administrative security / privacy

... someone would need a packet sniffer to see email contents, and then only in transit ... I agree, this risk exists. But let's leave it aside. You're right. hmailserver service could run with a special account, and only this account has access to the share. Easier than using EFS for that account....
by prisma
2017-05-17 11:57
Forum: Development & alpha discussions
Topic: Ideas to increase administrative security / privacy
Replies: 8
Views: 7947

Re: Ideas to increase administrative security / privacy

No problem. I want to hear every opinion. We want to protect the messages folder. The problem is there's at the moment no additional security "around" the messages storage. Storing something plain text and searchable in the FS makes it hard to add security. I did a lot of MCSE/MCSA certifications, s...
by prisma
2017-05-17 10:33
Forum: Development & alpha discussions
Topic: Ideas to increase administrative security / privacy
Replies: 8
Views: 7947

Re: Ideas to increase administrative security / privacy

@Matt: no bad idea, but as long the SAN is mounted, it's not more than a local drive. Searching is even possible with indexing disabled on that volume. But slow. Mounting a drive only for a special user is not possible with windows. NTFS ACLs could be re-adjusted from every local serveradministrator...
by prisma
2017-05-16 17:45
Forum: Development & alpha discussions
Topic: Ideas to increase administrative security / privacy
Replies: 8
Views: 7947

Ideas to increase administrative security / privacy

Hello, regarding exchange I have the possibility to adjust users ACLs. So the user could be able to backup a exchange Server or to do other administrative things with exchange without being able to read all mails. With hmailserver I only have to click on the right mail address within messages folder...
by prisma
2017-03-14 11:43
Forum: Development & alpha discussions
Topic: hMailServer web-interface redesign
Replies: 176
Views: 264819

Re: hMailServer web-interface redesign

Got an error directly on http://localhost/?page=account&action=edit&domainid=3&accountid=10 Operation failed Description: strtotime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case yo...
by prisma
2016-05-03 16:36
Forum: Development & alpha discussions
Topic: 5.6.5 and 5.7
Replies: 19
Views: 29975

Re: 5.6.5 and 5.7

THX, Martin.
by prisma
2015-10-07 16:20
Forum: User-submitted tutorials
Topic: HMS v5 Windows Server Core - Installation
Replies: 2
Views: 9278

Re: HMS v5 Windows Server Core - Installation

If you want to serve also the phpAdmin you'll have to got through the DCOM hell: On e.g. a Server 2008 Core: use "dcomperm -al {5EDEC473-39E0-43F6-A234-1947071721C8} set IIS_IUSRS permit level:ll,la". Dcomperm is included as sample in "Windows SDK for Windows Server 2008". You'll have to build the e...
by prisma
2015-09-24 17:36
Forum: Feature requests
Topic: Autoreply Start Date
Replies: 15
Views: 13239

Re: Autoreply Start Date

+1

And I'd love to have the already notified addresses persistent in database and not only in memory. Once the Server restarts, everybody is notified again...
by prisma
2015-06-15 13:32
Forum: Feature requests
Topic: Long-term roadmap suggestions?
Replies: 91
Views: 88565

Re: Long-term roadmap suggestions?

I have downloaded the code for this: http://www.j-interop.org/ but never got around to unpack it and test it - Java skills still a bit rusty... It may just just be the best FREE solution available. What's the plan? Writing a java servlet using DCOM to configure hmailserver remotely? And writing a r...
by prisma
2015-06-12 14:33
Forum: Feature requests
Topic: Long-term roadmap suggestions?
Replies: 91
Views: 88565

Re: Long-term roadmap suggestions?

I vote for other because I need a webmail integration to change passwords and some other minor things but Roundcube in Windows/IIS have a very bad performance and I can't integrate Linux/Apache Roundcube with Windows hMailserver (https://myroundcube.com/myroundcube-plugins/hmail_password-plugin). J...
by prisma
2015-06-09 12:57
Forum: Feature requests
Topic: Internal Backup With Messages but without EML Files
Replies: 8
Views: 9188

Re: Internal Backup With Messages but without EML Files

Merged or deleted? :wink: Seems that everybody who voted yes for the other poll has also voted yes here. Because the 15 yes have not changed here... miraculous but not implausible :wink:
by prisma
2015-06-09 01:17
Forum: General discussions
Topic: [BUG] Backup Script Crashing Periodically
Replies: 50
Views: 29779

Re: [BUG] Backup Script Crashing Periodically

Guys, I'm not able to understand why we have to write batches and patches, do tricks, read hints about bugs, write post after post. This software has a build in backup and should be able to do a hot backup compressed, not compressed or completely without messages. But it is not able to. This should ...
by prisma
2015-06-08 16:18
Forum: Feature requests
Topic: Internal Backup With Messages but without EML Files
Replies: 8
Views: 9188

Re: Internal Backup With Messages but without EML Files

Has an duplicate: viewtopic.php?t=22365

Anybody able to merge these two?
by prisma
2015-06-08 16:07
Forum: Feature requests
Topic: Backup Progress
Replies: 4
Views: 5202

Re: Backup Progress

If this was the only problem of the backup I was happy. But I'll vote yes. If this would be improved the other problems would have possibly been also touched. Many conjunctives, maybe wrong, but you'll know what I mean ;)
by prisma
2015-05-21 12:43
Forum: Off-topic discussions
Topic: Quiet, isnt it.....
Replies: 4
Views: 5152

Re: Quiet, isnt it.....

Hey guys, hey martin, only wanted to say: I had time now for updating from 5.4-billspecialbuild to 5.6.3 (yiepieh). Worked like charm, no problems with cert validation. Seems that most ISPs in Germany have valid certs for their relayers and pop servers. Possibly imagination, but the server feels mor...
by prisma
2015-03-31 12:04
Forum: General discussions
Topic: Backups no longer working
Replies: 15
Views: 10146

Re: Backups no longer working

(Dont ask why, it's too long to explain and frankly ridiculously contentious. Just accept what I am saying). LOL, ROFL :lol: However, that backup shouldnt really be relied on and it is infinitely better if you create your own backup procedure. Sad. ... Hmmm, we're talking about the lack of a reliab...
by prisma
2015-03-26 18:35
Forum: Development & alpha discussions
Topic: Internal Backup/Restore - Reasonable Restrictions?
Replies: 11
Views: 11487

Re: Internal Backup/Restore - Reasonable Restrictions?

Martin had created a poll for future improvements:
viewtopic.php?t=27191
I already wrote there the backup system was a little bit a step child of hmailserver. Unfortunately it not a own item to choose. I think Martin sees no reason for improvements regarding backup.
by prisma
2015-03-23 18:49
Forum: Development & alpha discussions
Topic: Reasons for NOT upgrading...
Replies: 11
Views: 11106

Re: Reasons for NOT upgrading...

c, Upgrading has been problematic to some people (ie BACKUP and then RESTORE of data) The only thing I'm able to remember regarding backup was a problem with restoring uncompressed backups: https://www.hmailserver.com/forum/viewtopic.php?t=25571 But this is definitely not related to 5.6 and has alw...
by prisma
2015-01-27 15:42
Forum: General discussions
Topic: Self-signed certificate no longer accepted by external account download
Replies: 6
Views: 5381

Re: Self-signed certificate no longer accepted by external account download

As far as I understood Martin certificates a checked for smarthost, routes AND pop3c after update to 5.6. This means for every explicit / manually configured host. Certificate are never checked for MX resolved hosts.
by prisma
2014-11-10 11:53
Forum: General discussions
Topic: Blank Email message
Replies: 18
Views: 11560

Re: Blank Email message

I'm surprised still nobody is asking 'Why does hmailserver consume so much memory?'. I reported a memory leak months ago while moving many emails through IMAP folders with thunderbird. This is a big problem `cause a mailserver admin can't never prevent people from moving their emails around. Are you...
by prisma
2014-10-29 14:21
Forum: Development & alpha discussions
Topic: DH-ciphers will be supported in 5.6
Replies: 5
Views: 7533

Re: DH-ciphers will be supported in 5.6

No. Usage of DH or not has nothing to do with HIGH. After deleting HIGH only TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16 was used instead of TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32. Arg! It should be possible to use multiple DH keyfiles, shouldn't it? I'm not sure, but I think 1024 is standard. Openssl generates ...
by prisma
2014-10-21 13:39
Forum: Development & alpha discussions
Topic: DH-ciphers will be supported in 5.6
Replies: 5
Views: 7533

Re: DH-ciphers will be supported in 5.6

While testing 5.6 I noticed that (EC)DH isn't used always. A fall-back to version=TLSv1 cipher=AES256-SHA bits=256 sometimes done. Hmailserver is configured with the ciphers above. My ISP gave me info that only TLSv1 with following ciphers is supported: Accepted TLSv1 256 bits DHE-RSA-AES256-SHA Acc...
by prisma
2014-10-15 13:05
Forum: Feature requests
Topic: Long-term roadmap suggestions?
Replies: 91
Views: 88565

Re: Long-term roadmap suggestions?

So, having a mailserver dealing with the PKI centralized would be highly interesting for you. This gave mail administrators the opportunity to offer similar man-in-the-middle services. Just by the way, in Germany similar "man-in-the-middle" services have been introduced. It's called "De-Mail" or "E-...
by prisma
2014-10-15 10:50
Forum: Feature requests
Topic: Long-term roadmap suggestions?
Replies: 91
Views: 88565

Re: Long-term roadmap suggestions?

I agree that this would be unique, and could only envisage it working with a hMailserver at both ends, unless the keys were somehow shared with a mail client at the other end. Lets add PKI to the mix (That's what we use in Australian Healthcare) Possibly just a misunderstanding. Of course based on ...
by prisma
2014-10-14 19:24
Forum: Feature requests
Topic: Long-term roadmap suggestions?
Replies: 91
Views: 88565

Re: Long-term roadmap suggestions?

I'd say yes, IMAP. But also sending of large attachments can be a pain, although connected via LAN and clamav is deactivated...
by prisma
2014-10-14 10:24
Forum: Feature requests
Topic: Long-term roadmap suggestions?
Replies: 91
Views: 88565

Re: Long-term roadmap suggestions?

PS, regarding clustering support: Would be a great thing, but there are specialists out there for HA clustering. On OS base, on database level, based on whatever. I'm not sure if hMailserver should try to play with these guys :)
by prisma
2014-10-14 09:46
Forum: Feature requests
Topic: Long-term roadmap suggestions?
Replies: 91
Views: 88565

Re: Long-term roadmap suggestions?

My personal opinion is a mailserver has to be reliable, fast and secure. So, my first vote is Security/Privacy. In times where we have to fight more and more against intelligence services and hackers, we have to continuously improve security/privacy features. If you don't go forward, you go backward...
by prisma
2014-10-08 09:15
Forum: Development & alpha discussions
Topic: DH-ciphers will be supported in 5.6
Replies: 5
Views: 7533

Re: DH-ciphers will be supported in 5.6

I very appreciate your work. Regarding backward compatibility you should have no concerns. I'm no crypto guru. But I think "...AES128:AES256:RC4-SHA..." is a build in fall-back for weak clients, isn't it?
by prisma
2014-10-03 21:03
Forum: Development & alpha discussions
Topic: Certificate issue when sending and receiving email on 5.5
Replies: 29
Views: 24554

Re: Certificate issue when sending and receiving email on 5.

Good idea. But your problem sounds like Martin should do some research. I think you'd better send him the cert or url to your server and let him check the problem. It's important to get 5.5 stable.