How to set up email alert in Sophos Anti Virus for Mac (Preferences > Messaging)

Hello robhadi,

it expects an SMTP listening on port 25, no authentication.

Christian

Hello Christian,

thank you very much for your answer. So any email server, anywhere, which doesn't require an authentication should work, yes?

thanks,

robhadi

How can I test the email alert?

It's a little bit pointless to make an email alert for a home edition without authentication. That means you should have your own smtp server because almost none of the common email provider is offering a smtp email server without authentication. Nevertheless I found a solution with gmail. There is a gmail smtp server which works without authentication (aspmx.l.google.com). It sends only to other gmail accounts, but this is ok in my case. 

I tested the email server, with all the settings I am using in Sohpos, with a smtp server test tool (https://www.wormly.com/test_smtp_server). Everything worked fine. But Sophos is not sending any email. I downloaded the EICAR test file. Sophos is alerting but doesn't send any email. 

Is Sophos' email alert really working? Is there any log for this or is it possible to see in the Console if Sophos is doing anything with the email alert?

Thank you for your help.

Hello robhadi,

a little bit pointless to make an email alert for a home edition without authentication

the home edition is essentially the licensed product minus the management component (and a small change in AutoUpdate part). Alerting hasn't been written for the home edition. Personally I don't consider email alerting that important - it's most useful for unattended machines, but then you likely have a small network and perhaps some kind of mail server. 

It is working if properly set up but I'm not aware of any logs. You could use nc as a q&d means to monitor the sending attempt though. 

Christian   

Hello Christian,

thank you very much for your quick answer. Is there a licensed version for Mac?

I have to monitor a unattended machine... A small network with two Macbooks a Router and a MacPro but no mail server.

What means "nc as a q&d"?

I managed to capture the Traffic with Little Snitch. There I could see that google is blocking the email because of the unauthorized ip-address.

As far as I can see now there is now way to use it unless you are running your own mail server. Maybe Sophos could mention this somewhere.

Thank you very much.

Hello robhadi,

nc as a q&d

jargon, :smileyhappy: ... nc (the UNIX  netcat incarnation on Mac OSX) as quick and dirty sniffer started from a terminal window, like:

mkfifo mpipe
sudo nc -vv -l -p 25 0<mpipe|tee >(nc -vv the.smtp.here 25 1>mpipe) 

Before you'd set the server to 127.0.0.1 in Preferences, the.smtp.here is the name or address of the server you intend to use (the google server refuses the connection). Then trigger an alert.

Anyway - I agree that this should be mentioned. A local mail server is one way (but just one) to get notifications from unattended machines - dunno much about Macs and OSX but heard that postfix comes with them.

There are no home user licensed versions, Sophos sells to businesses only (starting at 3 users). To use the mangement features you'd need Windows and anyhow a mail server willing to forward is still required for the email alerts.

Christian 

Hello Christian,

thank you :smileyhappy:

And I donnu much about UNIX :smileywink:

Postfix sounds interesting, thank you.

Maybe I just update to OSX Server for 19$. Just for fun.

Then I have also a mail server. 

Thanks