Windows Firewall Control (WFC) by BiniSoft.org

Discussion in 'other firewalls' started by alexandrud, May 20, 2013.

  1. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    Check that your mail client (one or more lines) are on this list, or add them manually (step 4)
    mail.png
     
  2. WindowsDude

    WindowsDude Registered Member

    Joined:
    Jul 10, 2021
    Posts:
    5
    Location:
    Florida
    That's odd, mines not showing much and the "change settings" is grayed out...

    (Update) ....
    I am able to allow another app through. Where would I find the Mail app when I browse for it?

    https://i.ibb.co/9g9xm2g/firewall.png
     
    Last edited: Jul 11, 2021
  3. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    @WindowsDude

    when I launch the Mail App, WFC immediately alerts to its connection attempt...

    mail app.png
     
  4. WindowsDude

    WindowsDude Registered Member

    Joined:
    Jul 10, 2021
    Posts:
    5
    Location:
    Florida
    Wow, wish I could get mine to do that too. Have you got it set to medium filtering? When I lauch the mail app, no pop-ups from WFC. The mail app launches but when I click the refresh button at the top of the mail app, I get the little triangle. If I put WFC on low filtering, mail works fine.

    It sure would be nice if the "click to allow" worked... I could just click on the mail app and it would work using medium filtering.
     
  5. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    You may already have a firewall rule that prevents mail from going online. Look in the Rules Panel, find that rule or rules and remove them. Also look at the Connections log and find the blocked connections for your mail. This should be enough to correctly create an allow rule or rules for mail.
     
  6. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    Mail app uses 2 exe and svchost on top of it for DNS requests and svchost again to launch MS sign-in. As seen on the previous popup, the process is launched by svchost as well.

    capture_07112021_180656.jpg
     
  7. WindowsDude

    WindowsDude Registered Member

    Joined:
    Jul 10, 2021
    Posts:
    5
    Location:
    Florida
    I exported the rules, but not sure what to open it with. I did see the popup hxoutlook.exe and allowed it permanently, mail still being blocked.

    I see a lot of connections blocked, but cant "allow", tried highlighting them and clicked allow, still being blocked.

    Update...

    I copied all the blocked connections to notepad, found outlook communications and added that to the firewall. See image, it now shows outlook communications, but still blocking Win 10 mail app.

    https://i.ibb.co/fpTxTp9/outlook.png
     
    Last edited: Jul 11, 2021
  8. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    Medium filtering here. I would follow the advice from aldist in post #6230, especially checking blocked logs, and the rules posted by Tairiku look correct as well.
     
  9. kronckew

    kronckew Registered Member

    Joined:
    Aug 27, 2006
    Posts:
    455
    Location:
    CSA Consulate, Glos., UK
    For info of all: Your notification from WFC is asking to connect to that IP address on port 443 with the TCP protocol. This is now used for DNS queries that are encrypted, usually referred to as DOH or DNS over https.

    the 52.113.194.132 IP address belongs to a microsoft site, but they don't, to my knowledge, resolve DNS or DOH. Some setting for your network appears to be wrong.

    Other posters with problems: What is your DNS set to, for your ethernet adapter?
    What version of windows?
    Are you using a VPN or proxy?

    Win10 or 11 can use DOH natively if set up in windows, or thru a browser like firefox/chrome/edge if set up to do so.

    (I use 'Thunderbird as a mail client, no problem, and have a rule for it in wfc to allow outbound connections on 'any' ports or IP addresses.

    This problem looks like a weird connection setting diffugalty :doubt:
     
  10. WindowsDude

    WindowsDude Registered Member

    Joined:
    Jul 10, 2021
    Posts:
    5
    Location:
    Florida
    Well gents, first off I want to thank everyone for trying to help me with this. I have "thrown in the towel" as they say and just deleted WFC with great sadness. I had no problem using WFC with Thunderbird as Kronckew is doing. I may return to WFC in the near future and just use Tbird with it as my mail client. A shame it works no problem with Tbird, don't know why such a problem with Win 10 mail app. Maybe Malwarebytes will read this thread and update WFC to work "out of the box" with Win 10 mail app, as it does with Tbird.

    Again, thanks to all for helping....I need a cold beverage now, and here's a hint: it's not a Sprite...
     
  11. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    In my case for Thunderbird (POP3 and IMAP) it is enough to allow remote ports UDP 53, TCP 25, 80, 143, 443, 465, 993, 8080
     
  12. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    Not a good idea to allow anyone reading your emails by sending an unencrypted traffic, but more worrisome possibly sending your passwords via those channels.
     
  13. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,001
    Location:
    Member state of European Union
    Thunderbird does not download e-mail by http (tcp 80) and https (443) connections. It is for HTML-based content with pictures so Thunderbird can download images. By default Thunderbird does not download (so does not show them) - just prompts that user can download picture for this or that mail.
     
  14. alexandrud

    alexandrud Developer

    Joined:
    Apr 14, 2011
    Posts:
    2,411
    Location:
    Romania
    The problem here is not WFC, Binisoft, Malwarebytes, but the email client from Windows 10 which is bad designed so that you may buy an Office 365 subscription and have a decent paid email client product which is Outlook. Regarding this default Mail client from Windows 10, I added an article in WFC user manual a few years ago. Here it is: https://binisoft.org/pdf/guides/Malwarebytes-WFC-User-Guide.pdf#page=48 You have to allow svchost.exe very wide to make it work. I don't know why they don't use a single process for this default email client. For Outlook, you have to allow outbound connections for outlook.exe and that's all. For this default mail client there is no such simple thing as allow one exe file and that's all, similar to outlook.exe or thunderbird.exe.
     
    Last edited: Jul 11, 2021
  15. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    Port 25 is the SMTP protocol, without it sending mail will not work, port 80 is needed to display a pictures when you receive mail. reasonablePrivacy is right, there is no security risk.
     
  16. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    just a question
    can windows firewall control block firewall attacks ?
    or does it use only the w7 and w10 firewall ?

    on a site , i had found in the past windows firewall can block everything
    thanks
     
  17. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    Windows Firewall Control is just a friendly GUI to the Windows brandmauer, an add-on to the Windows brandmauer.
     
  18. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    Sending unencrypted mail, only 465 should be used.
     
  19. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    Without port 25, IMAP mail registered with local ISP is not sent ...incorrect SMTP server settings... Mail from global ISP like gmail is sent.
     
  20. Graphite85

    Graphite85 Registered Member

    Joined:
    Aug 28, 2020
    Posts:
    40
    Location:
    New Zealand
    I reset my firewall rules. Even with the new set I receive a constant barrage of HNS Container Networking rules. Does anyone know anything about HNS and/or how to reduce the number of new rules it creates?
     
  21. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    If you really need rules about HNS, move them to any authorized group, then enable the Security -> Secure Rules -> Delete Unautoryzed rules option. Now all rules automatically created by HNS will be automatically deleted.
    If there are no rules you really need, delete them all, or create them yourself.
    To avoid annoying firewall notifications about blocked HNS connections, put HNS in Notifications -> Notifications exceptions (only name, like hns.exe).
    Or to disable such notifications, do the following:
    - For the hns.exe program, create a general blocking rule for outgoing connections and turn it OFF;
    - Check the bottommost checkbox Notifications -> Advanced notificatios settings -> "Use disabled rules when searching for matching rules. If a matching disabled rule is found the notifications will not be displayed".
    In both cases, the notifications will no longer appear.
    What is "HNS Container Networking" and why is it....
     
  22. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    to create a rule that does allow inboud and outboud , do i need to create 2 rules , don't I ?
    there is no way in wfc to create a rule that does allow inboud and outboud ?
    thanks
     
  23. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    Yes, you have to create two rules. Moreover, if you want to create these rules for two protocols, e.g. TCP and UDP, you will need to create four rules.
     
  24. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    maybe could be added ?
    thanks

    hi @alexandrud
    could be added a global hotkey to switch between low filtering - medium filtering (and viceversa) ?
    thanks
     
  25. aldist

    aldist Registered Member

    Joined:
    Nov 8, 2017
    Posts:
    1,102
    Location:
    Lunar module
    Command line keys from the developer, create a batch file and run it from the admin.
    Medium Filtering :
    netsh.exe advfirewall set allprofiles state on
    netsh.exe advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

    Low Filtering:
    netsh.exe advfirewall set allprofiles state on
    netsh.exe advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound

    No Filtering:
    netsh.exe advfirewall set allprofiles state off
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.