[horde] Horde stops working if firewall blocks external domain

Louis-Philippe Allard lp.allard.1 at gmail.com
Tue Feb 21 01:34:11 UTC 2017


  Quoting Michael J Rubinsky <mrubinsk at horde.org>:

> Quoting Louis-Philippe Allard <lp.allard.1 at gmail.com>:
>
>> Quoting Simon B <simon.buongiorno at gmail.com>:
>>
>>>  
>>>
>>> On 13 Feb 2017 16:02, "Louis-Philippe Allard"  
>>> <lp.allard.1 at gmail.com> wrote:
>>>> Hello list,
>>>>
>>>> I have a Horde Webmail 5.2.17 up to date running on a Centos 7  
>>>> VPS.  MySQL database is hosted on another VPS ont he same LAN.   
>>>> Communication between VPS'es is 100% functional without any issues.
>>>>
>>>> Once in a while I login to Horde which uses IMP as my auth  
>>>> application. IMP uses my Gmail account to authenticate me to  
>>>> Horde.  All has been working well until I made some changes to my  
>>>> firewall and added the domain "ssl.google-analytics.com[1]" to a  
>>>> block list (it is part of an automated blocklist feed from  
>>>> iblocklist.com[2]).
>>>>
>>>> What happens is that I am working in Horde (calendar, emails,  
>>>> tasks, etc) then all of a sudden, connectivity stops, the apps  
>>>> are not responding, and I see the red popup at the bottom corner  
>>>> of the screen saying "Error communicating with server".
>>>>
>>>> I have successfully connected this type of incident with the  
>>>> firewall logs and indeed it is when "ssl.google-analytics.com[1]"  
>>>> is blocked.
>>>>
>>>> My question is: why is horde insisting to connect to an outside  
>>>> domain (google's in this case) when it is not necessary?  All  
>>>> data is stored in a local LAN database, and the VPS is also on  
>>>> LAN.  Actually, I would expect only IMP and the emails to cease  
>>>> working if it ***really*** needs to use  
>>>> "ssl.google-analytics.com[1]" to function...
>>>>
>>>> That looks sketchy to me...
>>>>
>>>> Anybody can shed some light on this?
>>>
>>> Sounds like you, or an administrator added Google analytics  
>>> scripts to your Horde installation.
>>>
>>> But as I remember you use Horde to interface to gmail's IMAP  
>>> servers, so that might also be an issue..
>>>
>>> Simon
>>
>> Helli Simon,
>>
>> So if I added Google analytics scripts to my horde install, that  
>> was automatically when installing Horde webmail, and I dont want  
>> that stuff here...
>
> This is not something that Horde adds. The only place in our entire  
> source tree that 'google-analytics' appears is in a unit test for  
> testing RSS feeds.
>
>> How do I check that?
>
> Use grep to search your horde and pear directory for 'google-analytics'.
>
>> I wonder why would using horde to interface to Gmail's servers  
>> would require google-analytics?
>>
>> Links:
>> ------
>> [1] http://ssl.google-analytics.com
>> [2] http://iblocklist.com
>> Louis-Philippe Allard
>> lp.allard.1 at gmail.com
>> Sent using Horde Groupware on GNU/Linux
>> --
>> Horde mailing list
>> Frequently Asked Questions: http://horde.org/faq/
>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>
> --
> mike
> The Horde Project
> http://www.horde.org
> https://www.facebook.com/hordeprojecthttps://www.twitter.com/hordeproject

OK I have done a filesystem search and found these:

/var/www/html/horde/js/map/theme/default/google.css
/var/www/html/horde/js/map/theme/default/google.tidy.css
/var/www/html/horde/js/map/google.js
/var/www/html/horde/themes/default/graphics/google.png

Are those to worry about?

Also, this doesnt answer why everything stops working because Horde  
has troubles communicating with the outside (some google domain or  
whatever).  Why does Kronolith stops responding?  Why Turba stops  
responding?  Only IMP uses Gmail as the backend server for emails, all  
other data is stored locally.
  Louis-Philippe Allard
lp.allard.1 at gmail.com
Sent using Horde Groupware on GNU/Linux


More information about the horde mailing list