I’ve been using CIS (or previously Comodo Firewall) for several years. So far, it is the best firewall, much better even than major commercial ones – it is just simply ONE LEVEL UP than others in the industry.
Also CIS works on Windows servers and 64 bits, and free – despite there are some wishes from me for the firewall, such as an more easier real time network traffic monitor.
But recently, when I installed an application called hMailServer (http://www.hMailServer.com), the first time, Comodo firewall missed capturing the hMailServer’s internet connections for sending out messages.
I configured Comodo Firewall for hMailServer application with allowing both IN and OUT for POP3, SMTP and IMAP ports and blocking all other connections for hMailServer.
For every actions(either allowing or blocking) of firewall for every application, I enabled logging. So whatever the hMailServer is allowed to connect to internet or blocked from connecting to internet, the log information should be there.
The situation is: there is NO any logging information showing up when hMailServer sends email messages out – likely Comodo Firewall missed capturing the connections. But incoming connections to hMailServer application are captured by Comodo Firewall.
Please note: I disabled ALL Windows internal firewalls on the Win server 2k8 host machine.
Strange thing is:
If the Comodo firewall was on since the machine started, the hMailServer CAN NOT send messages out – there is no Comodo Firewall logging showing this connection either allowed or blocked.
If I disable the Comodo Firewall, the hMailServer immediately CAN SEND messages out to outside email accounts – but STILL NO LOGGING information for this connection.
Now I enable Comodo Firewall again, hMailServer STILL CAN SEND messages out until machine is shutdown and restarts – but STILL NO LOGGING information for this connection.
I asked the hMailServer site guys and they seemed not able to figure it out.
As Comodo Firewall normally is reliable and configurable for 100%, this sudden miss makes the security still an issue – it seems that there are some possible hiden channels out there.
Could someone help this out.
Maybe a good way is, install the hMailServer and test.