Security by what?

One of our customers called and said he couldn’t connect to netMail, and after some digging, I found out that the problem only occurred on the inside.

A Sonicwall firewall was to blame; butchering POST content that produces application/x-javascript – but not the GET content with the same mime type, and not when the content is decorated with text/plain

Being as how <script> ignores the MIME type in every major browser, I cannot see why anyone would think this is a good idea, and yet using a separate MIME type just for the RPC makes using wireshark easier.

If you use a Sonicwall, netMail will now work with your firewall, but you have to wonder what kind of security vendor thinks this added complexity actually buys anything…

Leave a Reply