Kerio Connect

Welcome to our Kerio Connect feedback forum. Do you have an idea? Do you recognize a good idea when you see one? We want to hear from you!

How can we improve Kerio Connect?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Security - Login guessing protection

    -i like to see a list for blocked accounts and like to unblock each account. E.g. two or three accounts are blocked, so i like to unblock only one of them.

    -The button "unblock all accounts now" is important too, please don't remove it.

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow us to install frontend ssl certificate through webadmin on multi-server

    On a Connect multi-server setup, we can install the ssl certificate for the puppet master just fine, but to install the ssl certificate on a frontend proxy server, we need to manually go into via ssh and replace the certificate. This is not very user friendly and not very intuitive. I believe this is an overlooked feature of the multi-server setup. Thank you.

    3 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Attachment filter: Provide the "Discard zip archive containing files with dangerous extensions" option by extension and not globally.

    Generally we want to filter zipped and not zippend attachements. But for some extensions we need a method to let them through to not break our business processes (e.g. we need to allow zipped .xlsm and .docm files) and block everything else.

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Support RHSBL

    We make extensive use of the Spam Filter's Blacklists by increasing spam scores by 0.1 for each occurence on a DIFFERENT list (it reduces the number of false positives - the more lists an IP is on, the more likely it receives a higher spam score, adding more weight to some lists than others) and we ALSO use it with whitelists (by assigning a NEGATIVE score - which works like a charm.

    However these are IP based lists. It would be helpful if RHSBL are also supported -- and even better if Kerio Connect could figure out by itself what…

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Encrypt storage

    Currently, all messages are displayed as * .eml and available without restrictions. Encrypting storage administrator password solve this issue

    4 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow disabling DSNs (receipts that the message has arrived at the mailserver)

    It should really be possible to disable the automatic receipt messages from the mail server (this has nothing to do with read-receipts), because spammers can easily exploit that to verify mailboxes. Therefore posting in Security.

    7 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Improve security

    There are several ways the security can be approved.
    First of all the 5 minutes block time on password guessing should be configurable. A lot of zombies just keep on trying. When locked out for 5 minutes they just continue after 6 minutes.
    -
    Even worse: Kerio Connect doesn't have any protection against e-mail harvesting. Just see the attached log file. Those attacks are pretty easy to recognize and action should be taken.

    42 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Utilization security option: filtering and audit by nations and by connection from new clinets

    I propose to implement an option to send an alert email to you if your account is used by the new device, and / or new nations .

    Something similar to what they do with Facebook and Google .

    5 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Antispam: small

    Small zip files are malware! Large zip files are legit!

    I would love to give a high spamscore or stop zip-files below a certain size. Large zip-files are usually legit. Zip files with a size below 100k is 99.9% certainly some new malware – many of whom escape signature scanning and may pose a threat.

    If attachment LIKE (zip|rar) AND size <100k then (delete|spam|quarantine)

    please?

    4 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Keep email containing attachments in mail queue pending antivirus updates for a specified amount of time based on rules

    With the recent influx of attachment attacks I think it would be nice to have the ability to hold mail containing some types of attachments based on some rules (receiving time, region, has this host communicated with us before?, etc) until it has had a few passes through the Anitvirus scanner. It would be nice to specify a time such as N hours before releasing it from the queue and onto the AV then to the mailbox. It is important that zero-day attachment age enough so antivirus can catch up enough to kill them.

    For example, An email arrives from…

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Logging of all events where the user sets the sharing and delegation.

    Logging of all events where the user sets the sharing and delegation.

    9 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Whitelist Hosts From PTR Checks

    Hi Support,

    Would you have a look at the attached screenshot and see if you can add an option to whitelist certain IP ranges from reverse dns checks?

    Thanks.

    Regards,

    Pete.

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Mutual TLS Authentication

    Please provide the option in the smtp relay to send mails through Mutual TLS Authentication. Exchange does it (https://technet.microsoft.com/en-us/library/bb123543(v=exchg.141).aspx) so Kerio could too.

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. auto answer when attachment deleted

    Automatic answer to the sender of an email, when a attachment is removed from an mail, that he has send.

    3 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability to disable calendar sharing between domains

    On a server with multiple domains alls users in any domain can see the users of a different domain when sharing calendars.

    Can this be disabled? We don't want our clients to see each other domains, surely because we have a hosted solution where different domains are used for different clients. These clients shouldn't be able to share calendars between each other. This is both a security as a privacy issue to us.

    3 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Automatically Disable Hacked User Account

    A spammer obtained a Kerio Connect user's password. When I arrived in the morning 50,000+ emails were in the queue and the mailserver was effectively down.

    Please consider a setting (per user or global) that would limit the number of emails a single user account can send in a short period, say 5 minutes. If you make it an hour, tons of spams can be generated. If the limit is exceeded, disable the account automatically and send an email notification to the administrator.

    5 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Authenticate users thru Samba Directory

    Could you provide ability to authemticate users thru Samba Directory? Not every company wants to pay Microsoft for Windows Server when there is already a free alternative with the same functionality. Kerio Control can autheticate thru Samba Directory. Why Connect cannot have this functionality?

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Add custom header information like 'x-originating-ip'

    To show always the originating source of the e-mail for quick trace.

    3 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. DANE TLS

    Postfix 2.11 now support DANE TLS
    look into adding it.

    30 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. More granular Security settings, I would like to require TLS (Certificate) connections for SOME users only.

    Hi,

    I have here a mix of users with confidential data and some regular ones (without special security requirements). It would be very helpful to require certificate based (we have a own CA) logins for a group of some users.
    To require Certificates for all users would grow the effort to manage the environment, because of our byod policy.

    Thanks

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Kerio Connect

Feedback and Knowledge Base