ArticlesArticles Most Popular ArticlesMost Popular Articles
RSS Feeds
Advanced Search
DrillDown Icon Table of Contents
DrillDown Icon 2020 Official Holidays & Support Schedule
DrillDown Icon IMPORTANT: End of Life of SHA1 on Windows Server 2003
DrillDown Icon IMPORTANT: Supported Operating Systems
DrillDown Icon PLEASE READ: Our Update Server IPs Have Changed
DrillDown Icon Support
DrillDown Icon modusGate for Microsoft Azure
DrillDown Icon modusCloud
DrillDown Icon Alleviating Spam – Best Practices
DrillDown Icon directQuarantine Technical Information
DrillDown Icon modusMail & modusGate Technical Information
DrillDown Icon Documentation & Release Information
DrillDown Icon Known Issues (non-release related)
DrillDown Icon Configuration Information
DrillDown Icon Troubleshooting
DrillDown Icon NTLM Advertisement Causes Connection & Login Problems
DrillDown Icon LDAP Service Won't Start
DrillDown Icon PostgreSQL Extended DB Upgrade Scripts Do Not Add Quota Columns
DrillDown Icon Mac OS X Mail corrupts file attachments
DrillDown Icon Unhandled error occurs when accessing WebMail/Quarantine
DrillDown Icon Error Codes and Messages
DrillDown Icon AV Backup Folders Are Not Self-Cleaning
DrillDown Icon Invirus Buildup and/or Server Freezes at Regular Intervals
DrillDown Icon ‘Failed to access IIS metabase’ when Accessing the Web Applications
DrillDown Icon How-To: Isolate Problems Using the System Health
DrillDown Icon How-To: Respool Messages
DrillDown Icon How-to: Troubleshooting DNS Resolution Problems
DrillDown Icon Troubleshooting Mail Delivery Problems
DrillDown Icon System Health Counters Display "Unavailable" in WebMonitor
DrillDown Icon Cannot Delete "Scanning Errors" from the Quarantine
DrillDown Icon Running Outlook 2007 & Windows Vista with modusMail May Cause Slow Downs
DrillDown Icon PostgreSQL Will Not Install Properly
DrillDown Icon Quarantine Reports are not Being Generated
DrillDown Icon WebQuarantine Settings Generate a "Value Cannot be Null" Error
DrillDown Icon Quarantined Messages are Being Labeled as “Possible Virus”
DrillDown Icon Incoming Spool Directory is Backing Up
DrillDown Icon Outlook Express 5.0.6 Cannot Send Through Modus When Using SMTP Auth
DrillDown Icon Non-sequential Logging in the Log File
DrillDown Icon Mailbox Aliases Periodically Disappear from the modusGate Console
DrillDown Icon MODUSCAN Service Does Not Start
DrillDown Icon Quarantine Reports are Generated Too Often / Cannot Release Spam from the Report
DrillDown Icon modusGate is Not Scanning Outbound Mail for Spam Content
DrillDown Icon EXPORT Function in the Message Audit Log Does Not Open the Export Dialog Box
DrillDown Icon POP3 Service Slow Response Causes Message Retrieval Problems
DrillDown Icon Inconsistent SMTPDS Behavior When Returning a DSN (Delivery Status Notification)
DrillDown Icon Norman AV is no longer being updated
DrillDown Icon Cannot Access or Save Changes in WebMail/Quarantine Settings
DrillDown Icon Spam / Virus Definition Updates Not Working Properly
DrillDown Icon Office 2007 Attachments Being Scanned as Archives and Blocked
DrillDown Icon Users List Refresh is Slow to Respond
DrillDown Icon Remote Console Freezes when Optimizing the Index
DrillDown Icon "Delete All Spam" in the Quarantine Report Times Out
DrillDown Icon Util.exe Uses 100% CPU
DrillDown Icon WebMail & WebQuarantine Login Issues
DrillDown Icon WebMail Log Files Not Created
DrillDown Icon WebAdmin Settings Generate "Page cannot be displayed" Error
DrillDown Icon How-To: Ensure Deliverability to Specific Problem Domains
DrillDown Icon Info: Dell Servers
DrillDown Icon Info: 3rd-Party Anti-Virus Desktop Scanners
DrillDown Icon Info: Applying Windows 2003 Critical Updates
DrillDown Icon Header Elements Added by MX-LOGIC Cause Parsing Problems for the AutoReply Function
DrillDown Icon Archived Articles
DrillDown Icon Quarantine Database Problems when Upgrading from 4.4.568
DrillDown Icon How to fix web components to view with IE 11
DrillDown Icon Unable to Update Avira Virus Engine:
DrillDown Icon Invalid license for VircomMailAuto
DrillDown Icon Error 00002f0D running Spam updates.
DrillDown Icon Avira Virus Updates Generate an Error: 0XE007FDF1
DrillDown Icon Modusmon Service will not start:
DrillDown Icon How-To: Troubleshoot outbound mail flow
DrillDown Icon IMAP Syn Flood
DrillDown Icon Understanding Message Headers
DrillDown Icon Hardware & OS System Requirements
DrillDown Icon Tools
DrillDown Icon Other Product Technical Information
DrillDown Icon Professional Services
DrillDown Icon Newsletters
  Email This ArticlePrint PreviewPrint Current Article/Category and All Sub-Articles/Categories
  
IMAP Syn Flood

 

Product: modusMail

Version & Build: All



Problem:

 

If your mailbox is IMAP type then you might experience the following symptoms that on one can login to webmail.

 

Symptoms:

 

  • No one can login to webmail mail client.
  • You get the banner only after 3 to 4 times a telnet command is issued on port 143.
  • If you list the IP address connecting to your server on port 143 you should see similar to screen shot below where you should notice on the last column to the right a series of SYN_RECEIVED.
 

Cause:

Someone form the outside world is sending to many AUTH requests creating a SYN_FLOOD scenario on port 143 making the IMAP port unresponsive.

 

Solution:

When you locate this/these IP addresses, you MUST add them at the firewall level (your front end firewall) as adding them to the modusMail console banned IP list will not help.

 

 
Modified 9/20/2018
Keywords: IMAP Syn Flood
Article ID: 1995
   Vircom
2018 Vircom Inc. All rights reserved.		 Knowledge Base Software
Powered By: NovoSolutions, Inc.