Jump to content


Photo

Behavior Change to Quarantine Notification Emails in Firmware Release 8.0.3.003


  • Please log in to reply
35 replies to this topic

#21 Jbo

Jbo
  • Members
  • 67 posts

Posted 30 March 2018 - 09:37 AM

It's not accepting ldap passwords for e-mails for us. If I reset the password on the ESG I can login with my e-mail address. Why isn't it using ldap? I'm not going to have my users have to remember another password.



#22 Nicholas Palmer

Nicholas Palmer
  • Members
  • 19 posts

Posted 06 April 2018 - 08:19 AM

I've been holding off on this until I see some details as to what my users will receive instead of a simple clickable link.  OK, you've told us what they *won't* get, how about letting us in on what they *will* get, or do we just suck it and see?  What changes might I need to make on the appliance?  Do I need to confirm that their AD passwords will work?  Seriously, even leaving out that this is a big change in behaviour, the communication around it seems abysmal.

 

Edit:

 

If we were set up for Per-User, this change would be a mess for us.  We're on a model 300, which doesn't do LDAP integration, so we'd need to set up new users and manage them within the appliance.  Thankfully that's not the case.

 

It is for us; we're on a 300, and it's worked the same way with regard to quarantine notifications for years.  Good grief.



#23 christian ljubicic

christian ljubicic
  • Members
  • 13 posts

Posted 13 April 2018 - 04:25 AM

Seems you guys are trying really hard to loose your customers, that's the only thing i will say about this nonsense.



#24 tmenke

tmenke
  • Members
  • 5 posts

Posted 18 April 2018 - 04:52 AM

Our maintance will end in 2019. If there is no solution für Users of the 300 (LDAP integration for example) we have to search für another product. This behaviour by barracuda is an absolute nogo.



#25 Jody Gosnell

Jody Gosnell
  • Members
  • 127 posts
  • LocationAlabama

Posted 23 April 2018 - 11:24 AM

Has anyone gotten a formal response from Barracuda support?



#26 Jbo

Jbo
  • Members
  • 67 posts

Posted 25 April 2018 - 10:06 AM

Last I talked to tech support they said it was in known issue and they were working on it. I don't care if users have to enter credentials, I just need LDAP authentication to work. As of right now my users have to enter their e-mail address and click create new password to get into account area.



#27 ben crawford

ben crawford
  • Members
  • 2 posts

Posted 26 April 2018 - 09:26 AM

Last I talked to tech support they said it was in known issue and they were working on it. I don't care if users have to enter credentials, I just need LDAP authentication to work. As of right now my users have to enter their e-mail address and click create new password to get into account area.

 

Yeah this is exactly it. If LDAP works who cares. Also noticing issues with the aliases and external groups, they will need to figure out something for those as well. So far in my experience the alias linking isn't solving that problem. 



#28 Dave

Dave
  • Members
  • 4 posts

Posted 04 June 2018 - 07:20 AM

Has everyone applied this update? We have decided to wait until we can properly explain and warn users about the update. How are passwords managed to get in to each users quarantine? We have the BSF300 and wanted to see how much extra effort we need to inform users.

We hate to avoid this update just for passwords, but this is going to put more work on our help staff.



#29 Sysadmin Oricom

Sysadmin Oricom
  • Members
  • 2 posts

Posted 07 June 2018 - 03:52 AM

Easiest way imo is not to use the quarantine feature at all. Just mark it as "quarantine email" and have a filter on the mail server side to put it in the junk folder with auto expire after 7 days.

That way the users never have to get into the cuda interface to release a false positive.



#30 Eric Suger

Eric Suger
  • Members
  • 12 posts

Posted 05 July 2018 - 03:31 PM

Has everyone applied this update? We have decided to wait until we can properly explain and warn users about the update. How are passwords managed to get in to each users quarantine? We have the BSF300 and wanted to see how much extra effort we need to inform users.

We hate to avoid this update just for passwords, but this is going to put more work on our help staff.

 

I see that they released a few more versions since this and are up to 8.0.4.002.   Has anything changed with this?   LDAP doesn't work for distribution list logins.

 

I agree insane. I wish we could turn this off.



#31 Chris Mundell

Chris Mundell
  • Members
  • 4 posts

Posted 09 July 2018 - 08:57 AM

I opened a ticket on this a week or two ago and was told it is going to be fixed in the next firmware. I couldn't get an answer as to when it would be available. We have over 800 distribution groups and this "feature" requiring a login to get into the quarantine needs an option to be turned OFF.

 

Please, for the love of God, don't force me the manually enter email addresses I need to be exempt. Just let ME turn it off totally. I've already seen a huge surge in  users not bothering with their quarantine now that they have to login. An off switch, just give me an off switch!!! 

 

Chris



#32 Michael Manning

Michael Manning
  • Members
  • 185 posts
  • LocationOhio, USA

Posted 30 July 2018 - 12:03 PM

Anything new on this?



#33 MolallaComm

MolallaComm
  • Members
  • 1 posts

Posted 23 August 2018 - 09:56 AM

In addition to all the problems earlier in this thread - there is a related problem that if you are using a web client to check email - the links in the quarantine summary take customers to a "Temporarily Unavailable - a server error was encountered. Please try again later." page instead of the login page.

 

They fixed this problem for Outlook Web Access but it is still there for other web based clients like Zimbra and Atmail.  They acknowledge the problem and I opened a bug BNSF-27776 with them on this over a month ago but no progress thus far.  Our CSRs have to field dozens of calls on this daily.  IMHO - it is pretty obvious that the people in charge of product management and QA at barracuda are total space cadets given that all these problems should have been identified and fixed before such a drastic change in behavior was released with no way to roll back.

 

I've always thought barracudas technology was pretty lame for the price but it worked well enough not to switch til now - anyone else looking at other solutions and if so what?



#34 Michael Burback

Michael Burback
  • Members
  • 1 posts

Posted 27 September 2018 - 10:15 AM

We are a longtime Barracuda customer for 11 years and this recent change in login behavior for quarantine actions, with lack of clear documentation, has me concerned. Why isn't there an option to enable/disable this forced login? My model spam firewall does not support LDAP logins so my end-users must create a separate password. My take is Barracuda knows this and is forcing customers to upgrade to higher-end models. I have no other alternative but to either upgrade to a higher-model, or seek an alternative provider for spam filtering. I will pursue the later.



#35 Lebenshilfe Gießen IT

Lebenshilfe Gießen IT
  • Members
  • 1 posts

Posted 05 October 2018 - 03:33 AM

Support told me, that the ability to opt out of this nonsense will come in the november release... At least I have some hope.



#36 tmenke

tmenke
  • Members
  • 5 posts

Posted 08 November 2018 - 07:26 AM

The Release Notes of Early Release 8.1.0.002 states:

New option on BASIC > Quarantine page to enable/disable SSO/auto-login for users through links in Quarantine summary emails. [BNSF-27803]

 

That sounds good.