tracker issue : CF-4203277

select a category, or use search below
(searches all categories and all time range)
Title:

CFPOP to Office365 gets access control block

| View in Tracker

Status/Resolution/Reason: Closed/Withdrawn/PRNeedInfo

Reporter/Name(from Bugbase): Yuliang Ruan / ()

Created: 08/16/2018

Components: Security, Sandbox

Versions: 2016

Failure Type: Others

Found In Build/Fixed In Build: 2016.0.06.308055 C:/ColdFusion2016/cfusion/lib/updates/chf20160006.jar JRE 1.8.0_171 /

Priority/Frequency: Normal / Most users will encounter

Locale/System: / Win 2016

Vote Count: 0

Problem Description:
execute <cfpop action="GETALL" server="outlook.office365.com" secure="true">
with sandbox security ON, and outlook.office365.com port 443 added to Servers tab

receive error:
An exception occurred when setting up mail server parameters.
This exception was caused by: java.security.AccessControlException: access denied ("java.net.SocketPermission" "40.97.166.34:995" "connect,resolve").

so far we've seen access control blocks throw on multiple IP's from microsoft's CAS server list http://download.priasoft.com/office365/Office365_EndPoints.html    


Steps to Reproduce:
turn sandbox on
execute cfpop to office365

Actual Result:
access control error

Expected Result:
pop command executes


Any Workarounds:
either keep on adding IP's or turn sandbox entirely off

Attachments:

Comments:

Hi Yuliang Ruan, Could you please share the complete stack trace. Also, could you let us know if you see this behaviour specific to this mail server only Thanks!
Comment by S P.
29569 | August 21, 2018 06:56:58 AM GMT
Hi Yuliang Ruan, Could you please share the complete stack trace. Also, could you let us know if you see this behavior specific to the outlook mail server only, because we do not see it with our mail servers. Thanks!
Comment by S P.
29641 | August 30, 2018 05:15:17 AM GMT
Closing the bug for now, since there has been no response on it. But if you still do see the issue, do get back to us, we would reopen the bug. Thanks!
Comment by S P.
29663 | September 05, 2018 05:26:41 AM GMT
Sorry about late response. I suspect this is related to MS's Office365 server doing possible redirects to its CAS server list. when we migrate in future to CF2018 and try to do sandbox again, i'll reverify this.
Comment by Yuliang R.
29739 | September 25, 2018 08:10:52 PM GMT