MailSecurity: IMAP Proxy
Implement an IMAP proxy. Provides filtering and scanning functionality for those that use this type of mail retrieval. It rounds out our offering to include all 3 of the major ways users access mailboxes.
Adrian Baxter commented
It's disappointing that there is no response from Sophos about this.
I think that perhaps the most relevant point is that many competing products already have this, and Sophos UTM will need it to remain competitive as IMAP becomes more and more prevalent.
I absolutely agree. IMAP Proxy for antispam and -virus is essential!
A really good idea. I am only using IMAP for my 1&1 post boxes as well as with Gmail to have access to everything being at home or on the go. Unfortunately I am not able to scan those traffic with my ASG120. So I also would appreciate a IMAP proxy in addition to the POP3 and SMTP Proxy due to the reason that many small offices/companies not allways having a own Mail server which downloads (POP3) and send (SMTP) the emails on its own. For the same reason as I use IMAP many small companies does it. So it really would improve the ASL.
Matthias Fleschütz commented
@christian: ok, you've just pointed out the reasons more detailled.
But the way Bastian tried to say his comment is a fact, ignoring other markets and products is simple what i wrote....
@Bastian: This is arguable to a degree. Probably, most enterprise environments that are Sophos' target customers have a sort of Groupware system that does not necessarily use IMAP as its core protocol (Groupwisse, Notes, Exchange, you name it). If they don't run their own on-premise Groupware system, they'd either use a managed Exchange installation or use groupware systems that are purely browser-based (such as the Google Apps suite).
However, you're under the (in my opinion) wrong impression that the UTM's target market is sorely the enterprise network. However, more and more UTM deals are about provider installations or other installations that have to deal with a more open network; whether it would be public Hotspots, university networks or ISP installations. Within those networks an IMAP proxy is not only nice, but in some deals mandatory - I've personally seen Astaro not be picked because of its lack of IMAP proxy capabilities in the past.
On the other hand, unencrypted IMAP protocols are hard to find in the industry anymore. So if we are talking about an IMAP proxy here, it needs to be able to deal with SSL encrypted sessions, similar to how the HTTPS proxy can deal with End-to-End encrypted sessions as well.
@Matthias: Most companies don't want to use Microsoft products, but - yes, this is a hard truth to face for open source evangelists/community members - they do it anyways. The alternatives are simply not as widely spread as Exchange is. And, calling some other opinion "BS" without giving examples or a further reasoning earns you the red herring of the day IMHO.
Matthias Fleschütz commented
@Bastian Haas: sorry, but that is BS! I know a lot of companies that really dont want to use M$
Bastian Haas commented
No one really needs IMAP in today's enterprise environments. Everyone uses solutions like Blackberry oder Exchange ActiveSync.
Desktop-PC, Tablett und Smartphones.... alle mit Email und alle sollen den gleichen Email Stand für ein Postfach haben! Das geht nur mit IMAP.
Ein IMAP Proxy wird zum muss!
IMAP is an essential mail retrieval protocol.
Leaving it out is a significant omission.
It is also a security hole.
Mario Schmidt commented
SSL scanning should be supported as well, even transparent.
Dominik Genz commented
IMaP Proxy wäre sehr wichtig
The ability to scan IMAP/S traffic for malware and filter SPAM would definitely add value to the ASG - I know I would use it and I'm sureit would be a factor that would be/is considered by many organizations when considering what product to purchase and vendor to use.
Wot no IMAP security. How Passé!
Who doesn't use IMAP these days? I really believe that this is an important feature that is missing. There are other appliances that offer this functionality already - ie untangle (lite).
Kantam Nagou commented
It will provide better protection for Blackberry and others Handset usage for emails pushing.
same the, small business without exchange but accessing mails over IMAP and SMTP on internal DMZ. @ Astaro, any progress on this? thx
IMAP-Proxy is a "must have" for small business email security.
I had the misfortune to rebuild a W7 PC using outlook which has a number of different e-mail accounts. Auto discovery sets the accounts up as imap, no prefetch and no anti-virus in both directions. While a lot of the ISPs that provide mail via imap do virus scanning, you don't get any reports on what has been blocked.
Mark Doorey commented
IMAP SSL Port 993 For Mac Mail