Discussion in 'other firewalls' started by alexandrud, May 20, 2013.
Check that your mail client (one or more lines) are on this list, or add them manually (step 4)
That's odd, mines not showing much and the "change settings" is grayed out...
I am able to allow another app through. Where would I find the Mail app when I browse for it?
when I launch the Mail App, WFC immediately alerts to its connection attempt...
Wow, wish I could get mine to do that too. Have you got it set to medium filtering? When I lauch the mail app, no pop-ups from WFC. The mail app launches but when I click the refresh button at the top of the mail app, I get the little triangle. If I put WFC on low filtering, mail works fine.
It sure would be nice if the "click to allow" worked... I could just click on the mail app and it would work using medium filtering.
You may already have a firewall rule that prevents mail from going online. Look in the Rules Panel, find that rule or rules and remove them. Also look at the Connections log and find the blocked connections for your mail. This should be enough to correctly create an allow rule or rules for mail.
Mail app uses 2 exe and svchost on top of it for DNS requests and svchost again to launch MS sign-in. As seen on the previous popup, the process is launched by svchost as well.
I exported the rules, but not sure what to open it with. I did see the popup hxoutlook.exe and allowed it permanently, mail still being blocked.
I see a lot of connections blocked, but cant "allow", tried highlighting them and clicked allow, still being blocked.
I copied all the blocked connections to notepad, found outlook communications and added that to the firewall. See image, it now shows outlook communications, but still blocking Win 10 mail app.
Medium filtering here. I would follow the advice from aldist in post #6230, especially checking blocked logs, and the rules posted by Tairiku look correct as well.
For info of all: Your notification from WFC is asking to connect to that IP address on port 443 with the TCP protocol. This is now used for DNS queries that are encrypted, usually referred to as DOH or DNS over https.
the 188.8.131.52 IP address belongs to a microsoft site, but they don't, to my knowledge, resolve DNS or DOH. Some setting for your network appears to be wrong.
Other posters with problems: What is your DNS set to, for your ethernet adapter?
What version of windows?
Are you using a VPN or proxy?
Win10 or 11 can use DOH natively if set up in windows, or thru a browser like firefox/chrome/edge if set up to do so.
(I use 'Thunderbird as a mail client, no problem, and have a rule for it in wfc to allow outbound connections on 'any' ports or IP addresses.
This problem looks like a weird connection setting diffugalty
Well gents, first off I want to thank everyone for trying to help me with this. I have "thrown in the towel" as they say and just deleted WFC with great sadness. I had no problem using WFC with Thunderbird as Kronckew is doing. I may return to WFC in the near future and just use Tbird with it as my mail client. A shame it works no problem with Tbird, don't know why such a problem with Win 10 mail app. Maybe Malwarebytes will read this thread and update WFC to work "out of the box" with Win 10 mail app, as it does with Tbird.
Again, thanks to all for helping....I need a cold beverage now, and here's a hint: it's not a Sprite...
In my case for Thunderbird (POP3 and IMAP) it is enough to allow remote ports UDP 53, TCP 25, 80, 143, 443, 465, 993, 8080
Not a good idea to allow anyone reading your emails by sending an unencrypted traffic, but more worrisome possibly sending your passwords via those channels.
Thunderbird does not download e-mail by http (tcp 80) and https (443) connections. It is for HTML-based content with pictures so Thunderbird can download images. By default Thunderbird does not download (so does not show them) - just prompts that user can download picture for this or that mail.
The problem here is not WFC, Binisoft, Malwarebytes, but the email client from Windows 10 which is bad designed so that you may buy an Office 365 subscription and have a decent paid email client product which is Outlook. Regarding this default Mail client from Windows 10, I added an article in WFC user manual a few years ago. Here it is: https://binisoft.org/pdf/guides/Malwarebytes-WFC-User-Guide.pdf#page=48 You have to allow svchost.exe very wide to make it work. I don't know why they don't use a single process for this default email client. For Outlook, you have to allow outbound connections for outlook.exe and that's all. For this default mail client there is no such simple thing as allow one exe file and that's all, similar to outlook.exe or thunderbird.exe.
Port 25 is the SMTP protocol, without it sending mail will not work, port 80 is needed to display a pictures when you receive mail. reasonablePrivacy is right, there is no security risk.
just a question
can windows firewall control block firewall attacks ?
or does it use only the w7 and w10 firewall ?
on a site , i had found in the past windows firewall can block everything
Windows Firewall Control is just a friendly GUI to the Windows brandmauer, an add-on to the Windows brandmauer.
Sending unencrypted mail, only 465 should be used.
Without port 25, IMAP mail registered with local ISP is not sent ...incorrect SMTP server settings... Mail from global ISP like gmail is sent.
I reset my firewall rules. Even with the new set I receive a constant barrage of HNS Container Networking rules. Does anyone know anything about HNS and/or how to reduce the number of new rules it creates?
If you really need rules about HNS, move them to any authorized group, then enable the Security -> Secure Rules -> Delete Unautoryzed rules option. Now all rules automatically created by HNS will be automatically deleted.
If there are no rules you really need, delete them all, or create them yourself.
To avoid annoying firewall notifications about blocked HNS connections, put HNS in Notifications -> Notifications exceptions (only name, like hns.exe).
Or to disable such notifications, do the following:
- For the hns.exe program, create a general blocking rule for outgoing connections and turn it OFF;
- Check the bottommost checkbox Notifications -> Advanced notificatios settings -> "Use disabled rules when searching for matching rules. If a matching disabled rule is found the notifications will not be displayed".
In both cases, the notifications will no longer appear.
What is "HNS Container Networking" and why is it....
to create a rule that does allow inboud and outboud , do i need to create 2 rules , don't I ?
there is no way in wfc to create a rule that does allow inboud and outboud ?
Yes, you have to create two rules. Moreover, if you want to create these rules for two protocols, e.g. TCP and UDP, you will need to create four rules.
maybe could be added ?
could be added a global hotkey to switch between low filtering - medium filtering (and viceversa) ?
Command line keys from the developer, create a batch file and run it from the admin.
Medium Filtering :
netsh.exe advfirewall set allprofiles state on
netsh.exe advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
netsh.exe advfirewall set allprofiles state on
netsh.exe advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
netsh.exe advfirewall set allprofiles state off