Kerio Connect

Welcome to our Kerio Connect feedback forum. Do you have an idea? Do you recognize a good idea when you see one? We want to hear from you!

How can we improve Kerio Connect?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. To prevent when an account becomes compromised, limit the amount of messages that can be sent from a particular email account.

    To prevent when an account becomes compromised, be able limit the amount of messages that can be sent from a particular email account in the same way you can limit the amount of messages from one IP address. When accounts become compromised the hackers use multiple IP addresses to send from the same account. Limiting the amount of email being sent on the account side could prevent a particular account from bringing down and entire server.

    7 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Block IP of Robotic password guessing or brute-force attack

    Block IP of Robotic password guessing or brute-force attack

    7 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow disabling DSNs (receipts that the message has arrived at the mailserver)

    It should really be possible to disable the automatic receipt messages from the mail server (this has nothing to do with read-receipts), because spammers can easily exploit that to verify mailboxes. Therefore posting in Security.

    7 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Attachment filter

    Attachment filter:

    Today there is more then 19.000 different kinds of file extensions in use in the world. I would be nice for security to have a white-list instead of a blacklist attachment filter. The attacker allways decide witch kind of extension to use ore misuse in the attacks.

    So if i only want to allow .DOCX then the 18.999 is by default denied.
    This wil olso help to ensure the the AV scanning engine really can do a nicer scanning job and improve security a lot.

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add ability to make few password policies in local user’s database.

    Add ability to make few password policies in local user’s database.

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Authenticate users thru Samba Directory

    Could you provide ability to authemticate users thru Samba Directory? Not every company wants to pay Microsoft for Windows Server when there is already a free alternative with the same functionality. Kerio Control can autheticate thru Samba Directory. Why Connect cannot have this functionality?

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Keep email containing attachments in mail queue pending antivirus updates for a specified amount of time based on rules

    With the recent influx of attachment attacks I think it would be nice to have the ability to hold mail containing some types of attachments based on some rules (receiving time, region, has this host communicated with us before?, etc) until it has had a few passes through the Anitvirus scanner. It would be nice to specify a time such as N hours before releasing it from the queue and onto the AV then to the mailbox. It is important that zero-day attachment age enough so antivirus can catch up enough to kill them.

    For example, An email arrives from…

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. hide integrate with device link from webmail login page

    I would not like users to see the "integrate with device" or "integration with windows" link on the webmail login. We recommend webmail for some outside contractors for whom we don't want their Outlook configured for direct connections, etc. I realize one could on their own download and install the outlook connector, but do we need to present it to them? Likewise for people who go to webmail from their personal ipad - I don't want them to use the Integrate with Device option or know it exists. Sure people could go hack the settings on their own and figure…

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Encrypt backup files

    Encrypt the backup zip files so they cannot be accessed by someone without the key

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Attachment filter: Provide the "Discard zip archive containing files with dangerous extensions" option by extension and not globally.

    Generally we want to filter zipped and not zippend attachements. But for some extensions we need a method to let them through to not break our business processes (e.g. we need to allow zipped .xlsm and .docm files) and block everything else.

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Mutual TLS Authentication

    Please provide the option in the smtp relay to send mails through Mutual TLS Authentication. Exchange does it (https://technet.microsoft.com/en-us/library/bb123543(v=exchg.141).aspx) so Kerio could too.

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Antivirus push update

    Push antivirus updates instead of periodic updates.

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow incoming mails from particular servers only per domain

    To provide extra security for customers we need to restrict IP ranges from which mail is accepted per domain. This isn't a problem for a whole server and can be achieved easily by a firewall or gateway but we need this at a domain level.
    Office 365 has this feature already. So please consider...

    6 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Automatically Disable Hacked User Account

    A spammer obtained a Kerio Connect user's password. When I arrived in the morning 50,000+ emails were in the queue and the mailserver was effectively down.

    Please consider a setting (per user or global) that would limit the number of emails a single user account can send in a short period, say 5 minutes. If you make it an hour, tons of spams can be generated. If the limit is exceeded, disable the account automatically and send an email notification to the administrator.

    5 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Utilization security option: filtering and audit by nations and by connection from new clinets

    I propose to implement an option to send an alert email to you if your account is used by the new device, and / or new nations .

    Something similar to what they do with Facebook and Google .

    5 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Security improvement

    Kerio Connect security log contains the list of events, which represent a threat to the system. It would be great to be able automatically block IP addresses from security log. Should be not too hard to implement also, as all elements are in place already, it only requires something like:
    - Create IP list populated automatically with IP addresses from security log, add counter for every IP occurrence and blocked status flag;
    - Add a section to Security/security policy page, for example named “Automatic blocking”;
    - Implement controls to this section (enable, number of occurrences in the log before blocking…

    4 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. DNSSEC

    As you will well know spam - unsolicited emails - are a big problem for everyone who uses email. Related to spam are fake emails where the sender details are faked.

    Kerio Connect supports some features to help in both cases such as a spam filter, black lists, and support for SPF - Sender Policy Framework. Kerio Connect also has some support for DKIM - Domain Keys.

    However Kerio Connect does not support DNSSEC. Whilst SPF and DKIM help in ensuring emails for a domain are only sent from a mail server authorised to send for that domain they do…

    4 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Multilevel/Advanced attachment filtering

    Kerio Connect 8.5.0 is now able to remove potentially malicious files from ZIP attachments.

    It would be good to enhance this feature to allow:

    1. Multilevel (recursive) searching for malicious files inside ZIP/RAR archives. Example: a ZIP file contains another ZIP file and that ZIP file contains a virus (exe file). So there are 2 possibilities that You may consider:
    a. Reject archives containing archives (i.e. RAR file in ZIP file)
    b. Do a recursive search to a specific depth (either hard coded or defined by administrator) in archives and reject if a file with prohibited extension is found

    I…

    4 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Encrypt storage

    Currently, all messages are displayed as * .eml and available without restrictions. Encrypting storage administrator password solve this issue

    4 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Allow to personnalize the message that the sender receives when the attachment is refused by the rule defined in the server

    It would be nice to have the possibility to modify the rejected message with the logo of our company, our own explanation text, the raison why we block the mail, the list of the extensions blocked, the alternatives to send the file in an other maner...

    4 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Kerio Connect

Feedback and Knowledge Base