Shayeb

Secure SDM emailEater SSL connection

Blog Post created by Shayeb on Nov 29, 2016

I have been using CA Product for long time, service desk manager was the main product I have used. After long time I decided to publish the most annoying buggy feature in SDM which is emaileater.

 

We are using service desk in a governmental institute, thus it is nearly impossible to change environment security policies such as email server ( i.e exchange server) incomming and outgoing servers connection.

 

Service desk till now does not support SSL connection via port 993 while most of mail connection now are secured nor SSL connection nighter TLS is fully supported .

 

Let me explain briefly, emaileater is a feature available in most of Service Desk products with full support of secure connection but not in CA one. If you need to use emailEater then your connection to mail server must not be secured (not using 993 port instead of 143 ). Which is not allowed in most of clients environment.

A buggy walk-around is to open a TLS connection after a plain text connection to mail server, but this walk-around does not work for two reasons:

1) you have to establish a plain text connection first; which make login info available for free in the network!.

2) To use TLS you have to import all email certificates owned by email server with one way only which is importing the three certificatez with the root directory too. The problem is CA force the client to follow its procedures for getting certificate files in a way that other service desk products vendor have not such difficulties or environment security changes.

 

 

Finally, the absence of supporting SSL connections to mailserver gonna lead for untrusted relationship between CA and it's client.

 

I'm a governmental client and for sure I will not deal with CA Service Desk any more if it is not support secure SSL Connections.

 

Regards.

Outcomes