Hi!
I've set up a reverse Proxy in IIS, that routes requestst from the internet to the EFA Appliance (efa.domain.com).
Now I can finally report mails as spam on my mobile device when I'm not at home.
The "problem" now is, that the Mailwatch page is now also visible from the internet.
Is there a way to deny access to the Mailwatch from the internet? Changing Port maybe?
I want to be able to report spam mail, but I dont want to be able to log in to the mailwatch, as I don't know how secure this is.
Thanks for the help!
Regards
Philippe
Secure Mailwatch Page from Internet
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Secure Mailwatch Page from Internet
The reporting function and mailwatch page both exist on port 80 (or 443 if HTTPS)
Separating the two would be difficult at best. (It can be done...but it would require separating the two components into separate virtual directories in Apache and restricting the MailWatch one with an address rule)
If you are using HTTPS, mailwatch is fairly secure (as good as your passwords, of course ). As of this time, there are no known security issues with the mailwatch login page.
If folks are interested in this, I can consider it for a feature request for a future release.
Separating the two would be difficult at best. (It can be done...but it would require separating the two components into separate virtual directories in Apache and restricting the MailWatch one with an address rule)
If you are using HTTPS, mailwatch is fairly secure (as good as your passwords, of course ). As of this time, there are no known security issues with the mailwatch login page.
If folks are interested in this, I can consider it for a feature request for a future release.