Jump to content

frapetti

Members
  • Posts

    20
  • Joined

  • Last visited

About frapetti

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Argentina

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hello, I know how to change the port on the server, and that policies can be made to tell the agent to connect to a different port, however for a policy to be applied, the agent needs to connect to the server first, so it seems obvious that a newly installed agent will need to know what's the server port. What is the recommended way to embed this new port on the installer? We use the All-in-one installer to install the agent + security product. Is there a way to make this change permanent so that any newly generated installer has the new port configured? Regards
  2. By the way, the reason, is still: "IP (190.61.219.106) found on cloud black list 1". Are you sure that this IP is NOT blacklisted? If so, then how can this be the reason? I recently updated to EMSX 7.3.10011.0 , if that's of any help. I opened a support ticket with zma.la , but i could open a ticket with ESET directly, if you give me instructions on how to do that.
  3. Very clear, thanks. It should be explained like this on the help pages. It seems like their email provider is sending from an IP (190.61.219.106) not associated with estudio-santoianni.com.ar in DNS. I advised them to discuss this with their email provider. Still, i thought that adding the domain to the "ignored body domain list" would allow mails coming from any @estudio-santoianni.com.ar addresses to go through, regardless of the sending IP address, but it still gets quarantined. I thought that it was a simple string check, but agains what field(s) is EMSX checking the domains from this list? Against the sending email address? or "received: from" records? or maybe somewhere else? How does this list work, exactly? Regards
  4. Now I see that ESET is also quarantining mails from the accounting firm: estudio-santoianni.com.ar The reason, is: "IP (190.61.219.106) found on cloud black list 1". I even added the domain to "approved domain to IP list" and to "ignored body domain list", but it's still getting quarantined. How is that possible?
  5. Thanks. Since i whitelisted the domain, no messages from them were quarantined anymore. That means that ESET will take no action based on the IP address of the sender, but still perform all other spam checks on the message contents? Then i assume that any blacklist check is not performed?
  6. Hi, We recently had to whitelist emails from one of our providers ( falconmx.com ), because Mail Security detected it as SPAM. The reason was "IP (138.128.164.234) found on cloud black list 1". What exactly is "cloud black list 1"? If i do a blacklist check for that domain, it seems to be only listed on the UCEPROTECTL3, which lists entire ISPs for "bad reputation". But no one should block an email only because of that. Some of that lists are more important than others. A list of domains caught sending SPAM (for example, by spamtrapping) should be a lot more important than a list of ISPs with bad reputation, or lists of alledgedly dynamic IPs (in fact, only the ISPs themselves know which of their IP ranges are dynamically assigned). There are many companies with legitimate mail servers whose ISPs have "bad reputation". We considered adding it to "Ignored Domain to IP list", but the list description looks confusing: "List of domains that resolves to IP addresses which in turn will not be checked during classification. SPF records are being recognized when resolving IP addresses". What does "not checked during classification" means? How is "not checked" different from whitelisted? If only some of the tests are skipped, which tests are skipped, and which ones do still run? Regards
  7. That would be great, thanks. Do you need some info from us to check that?
  8. No. When we buyed the product 3 years ago, we were assigned to an eset partner named "globalgate". Now that we needed to renew, we talked to them again. That's the usual procedure, right?
  9. We approved the budget on january 20. The seller told us to wait as they started the process. On january 28 they sent us the data for payment. The following day it was payed. How long could this take? People are a little uneasy about the "loose protection" notifications. Should i tell them to not worry about this, then? Regards
  10. Hi, We are in the process of renewing our license. Already payed to our eset representative, but very close to the end date. Our license expired this month. I see that updates are still downloading, even when expired. What is the grace period for this, as to know how much time this can take before it becomes a real problem? Can this be speeded up? What happens after the grace period? The product stop downloading updates, but keeps working? Do we need to do any reconfiguration, or the license's date is just updated by eset and requires no technical intervention from us? Regards
  11. For what i readed, SQL Server Native Client (SSNC) shouldn't be used anymore for new developments, and instead use new clients that replaced it. That's why there aren't any new SSNC versions. The last one was from 2012. Maybe ESET could do that, and then the problem would go away. See: https://docs.microsoft.com/en-us/sql/connect/connect-history?view=sqlallproducts-allversions
  12. That's dissapointing. If I had known about the limitations, i would have stayed in ELA, even if there's no link from the ESMC console to access ELA anymore.
  13. I just upgraded to ESMC 7 and it sent me to the EBA page, where i migrated from ELA. However, i don't even find a way to sort the list of devices in EBA, something that i could do in ELA, and that is very important for finding duplicate devices. Can this be done somehow on EBA?
  14. I think that i found a better solution: i used wmic to remotely uninstall the agent, with the following command: /user:username /node:"computername" product where name="ESET Remote Administrator Agent" call uninstall Then used the ESET Remote Deployment Tool to remotely install the All-in-one package. That worked very well on two computers. The whole unistall/reinstall process only required one reboot after the new version of ESET Endpoint Security was installed. EDIT: However, several computers don't have the agent available in the add/remove software list, and so the wmic option isn't available for them.
  15. What do you mean by endpoint installation? Something like re-installation of the OS, or the ESET Antivirus software? In my case, i had to remove the Agent, then install a new one.
×
×
  • Create New...