COMMAND

    NTMail

SYSTEMS AFFECTED

    NTMail 5.x

PROBLEM

    'Geo.' found following.   NTmail version 5.x (possibly  other) has
    two web functions.  One  is a web configuration server  which lets
    you configure the mail server via a browser.  The other is it  can
    also work  as a  proxy server.   These two  functions are  set  by
    default to  use two  different ports  (8000 for  configuration and
    8080 for proxy).  The proxy function has an off switch so you  can
    turn off  proxy and  still be  able to  configure your mail server
    via the browser  and also to  allow your users  to read email  via
    the browser.

    So lets  say you  use NTmail  and you  also have  a separate proxy
    server with  restrictions for  certain sites,  java, whatever, you
    have it  restricted to  protect your  network and  keep your users
    from visiting hacker  and nudie sites.   If the web  configuration
    for NTmail is  on port 8000  (default) and proxy  in NTmail is  on
    port 8080  (default) and  you have  proxy disabled  then the users
    are forced  to go  thru your  restricted proxy  server.  Port 8080
    does not work.  However if  the user changes their proxy setup  to
    point to NTmail  on port 8000,  it proxies them  right out to  the
    internet with no restrictions at all.

SOLUTION

    This case the discovery  of this was made  by Simon Talbot on  the
    NTmail  support  list.   The  workaround  is  to  disable  the www
    configuration service until a patch is released.