Authentication Bypass in MailboxImportServlet vulnerability (reminder)
https://blog.zimbra.com/2022/08/authentication-bypass-in-mailboximportservlet-vulnerability/

zimbraHttpThrottleSafeIPs and IPv6

Ask questions about your setup or get help installing ZCS server (ZD section below).
User avatar
thomas.klaube
Posts: 43
Joined: Sat Nov 30, 2013 5:17 am
Location: Stuttgart
ZCS/ZD Version: 8.8.15P33
Contact:

zimbraHttpThrottleSafeIPs and IPv6

Postby thomas.klaube » Mon Sep 19, 2022 2:52 pm

Hi all,

after applying Patch 33 (ZCS 8.8.15) we are receiving occasional complains that Zimbra servers are reporting "Network errors". The mailbox.log shows "com.zimbra.common.service.ServiceException: error while proxying request to target server: Service Unavailable" and the line directly above says:

Code: Select all

2022-09-19 16:21:48,620 INFO  [qtp891095110-142194://localhost:8080/service/soap/BatchRequest] [] misc - Access from IP [2001:aaa:bbbb:5:0:0:0:123] suspended, for repeated failed login.


with 2001:aaa:bbbb:5:0:0:0:123 being the servers IPv6 address. We explicitly configured 2001:aaa:bbbb:5:0:0:0:123 as well as 2001:aaa:bbbb:5::123 (just in case...) as zimbraHttpThrottleSafeIPs which should prevent any kind of DoSFilter Throttling. But this seems to have no effect... I am very sure that we did not have these kind of problems with P31.1 so I assume this was introduced with P32 or P33 (we never ran our servers on P32 - so I am not sure when this problem occurred). Can anyone confirm this behavior?

Regards
Thomas


Return to “Installation and Upgrade”

Who is online

Users browsing this forum: No registered users and 28 guests