Kerio Connect

Welcome to our Kerio Connect feedback forum. Do you have an idea? Do you recognize a good idea when you see one? We want to hear from you!

How can we improve Kerio Connect?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Add a filter attached files for common types of archives

    Scan inside .ZIP, .RAR, .TAR, BZ2, .7ZIP files for .EXE, .CMD, .SCR and other unwanted file types

    11 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Option "don't show program name and version" is not consistent

    The option "don't show program name and version" in the advanced options is nice because the specific version of a product is very interesting for an attacker, but unfortunately this setting is not very consistent. While the version disappear from the smtp banner, everybody can easily see the version in the webmail-code. Every Image, js, etc contain the version! (like <script type="text/javascript" src="defaults.js?v=8.3.2.3100"></script>)

    3 votes
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. active sync

    For mobile devices that are connected via the ActiveSync protocol is fixed by the security setting that after 4 or 8 failed attempts that device to unlock that machine resets automatically.
    In Kerio there is no way to change this setting.
    Unfortunately, it often happens that the device is then reset unintentionally and the data will be lost on the device. In this specific case a device with fingerprint sensor has been inadvertently reset. The fingerprint sensor is incorrectly identified in a tight pocket attempts to Entsperrungung.
    It should be the following settings in Kerio adds:
    The option to disable…

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
    declined  ·  Pavel Dobrý responded

    In default configuration Kerio Connect does not enforce these security policies. If you have them on your mobile device it must be caused by something else.

  4. Whitelist For Domains Without Reverse DNS

    Hi Support,

    Although there is already an option to whitelist certain domains from attachment size and messages per hour etc, would it be possible to add an exception (drawn from IP address ranges) so that a lack of reverse DNS does not stop these IP addresses from connecting?

    I'm thinking of mobile clients that need to send mail but the servers responsible don't have reverse DNS (T-Mobile for starters).

    Thanks.

    Regards,

    Pete.

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
    declined  ·  Pavel Dobrý responded

    Well, if the IP address has no reverse PTR then whitelisting based on domain makes no sense since there is no domain defined for those IP addresses,
    I recommend to configure mobile clients to use SMTP Submission port 587 for sending emails. This port is not included in PTR checking on Kerio Connect server.

  5. Block Known Proxy Services

    The ability to block known proxy services where the attack pattern is the same but the IP address changes.

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    declined  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Antivirus control

    Are you thinking of implementing antivirus controll for outgoing messages as optional function ?

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    declined  ·  0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Redirect http to https

    When secure connections are required and http is disabled, users who do not explicitly type "https://&quot; into their browser window are presented with an error page. It would be great to have http://... redirect them automatically to https://...

    Thanks.

    1 vote
    Vote
    Sign in Sign in with GFI
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
    declined  ·  Pavel Dobrý responded

    When secure connection are required, all HTTP traffic is automatically redirected to HTTPS.
    You must keep HTTP port in listening mode in order to let server do the redirection.

  • Don't see your idea?

Kerio Connect

Feedback and Knowledge Base