Windows Firewall issues and why run CumulusMX as System?
Posted: Mon 24 Aug 2015 6:10 pm
by donc
After creating a Windows Firewall rule to allow incoming connections to CumulusMX.exe on ports 8002 and 8998, I found that machines on my local network were still unable to connect. After some investigation, I found that while CumulusMX.exe was listening on port 8002 as expected, port 8998 was instead bound to "System". Creating a rule to allow incoming connections to "all programs" on port 8998 allowed incoming connections from other machines to work. However, this creates a security issue because now all programs can bypass the inbound connection firewall by simply using port 8998. Obviously, not an ideal situation. Unless I'm missing something, please reconsider the decision to run CumulusMX in this manner.
Re: Windows Firewall issues and why run CumulusMX as System?
Posted: Mon 24 Aug 2015 6:23 pm
by steve
If you mean the requirement to run 'elevated' (as administrator), that's required to allow MX to act as a web server. You can remove that requirement by using the netsh command in the instructions. If that's not what you mean, you'll have to tell me what you do mean, and what I have to do to avoid it.
Re: Windows Firewall issues and why run CumulusMX as System?
Posted: Mon 24 Aug 2015 6:41 pm
by duke
You only need to apply the inbound rule on port 8998 to your 'private' network and certainly not 'public'. Therefore I do not see a security issue.
Re: Windows Firewall issues and why run CumulusMX as System?
Posted: Mon 24 Aug 2015 7:02 pm
by water01
Plus the fact it is an internal network connection inside your home network, not external to it, so use your router to block all incoming connections from the internet.
Re: Windows Firewall issues and why run CumulusMX as System?
Posted: Mon 24 Aug 2015 7:28 pm
by mcrossley
If you are really concerned you can limit the rule to a single IP address - I haven't tried it but I suspect 127.0.0.1 will also work, then you will only be able to connect using a browser on the server itself.
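
The scoping suggested in the replies above, as an added example that is not part of any post in the thread: it checks which process owns port 8998, lists the inbound allow rules that already cover it, and creates a rule limited to the System process, the Private profile and the local subnet. The rule display name is hypothetical; only the port number comes from the thread.

```powershell
#Requires -RunAsAdministrator
# Added example. Port 8998 is from the thread; the rule name is an assumption.
$Port     = 8998
$RuleName = 'CumulusMX 8998 (scoped)'   # hypothetical display name

# 1. Confirm which process owns the listener. PID 4 is the System process,
#    which is what the first post observed for port 8998.
Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort, OwningProcess,
        @{ n = 'Process'; e = { (Get-Process -Id $_.OwningProcess).ProcessName } }

# 2. List enabled inbound allow rules that name this port exactly, with the
#    program, profile and remote-address scope of each, so that an
#    "all programs / any address" rule stands out. Port ranges are not expanded.
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $portFilter = $_ | Get-NetFirewallPortFilter
        if ($portFilter.Protocol -eq 'TCP' -and $portFilter.LocalPort -contains "$Port") {
            [pscustomobject]@{
                Rule          = $_.DisplayName
                Profile       = $_.Profile
                Program       = ($_ | Get-NetFirewallApplicationFilter).Program
                RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
            }
        }
    }

# 3. Create the scoped rule once. -Program 'System' matches the kernel-mode
#    listener instead of every program; -Profile Private and
#    -RemoteAddress LocalSubnet keep it off public networks and limit it to
#    hosts on the same subnet. Replace LocalSubnet with a single address to
#    narrow it further.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort $Port -Program 'System' `
        -Profile Private -RemoteAddress LocalSubnet
}
```

Once the scoped rule is in place, any broader rule reported in step 2 for the same port can be disabled with `Disable-NetFirewallRule`.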