Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 1029 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do I setup XG to allow email clients to authenticate with Mail server?

David Harrison1

Hi all, 

i'll try to keep this short as possible. (i'm also noob to email systems).

what i've done.

1. I've setup hMailServer on windows 2019 in DMZ.  (opened all smtp/ pop / imap ports including ssl ones on server - tested via putty)

2. I've setup MTA as per the Configure email protection in MTA mode (sophos.com) 

3. i've setup a firewall rule to allow those ports inbound to my mail server in DMZ.

I've been sending emails inbound, and i can see via the EMail > Mail Logs that emails are making it to the server. and verify this by seeing the mail box size increase.

When I try to connect to the server via "outlook" it fails every time..  

when I check the "Email > Mail Logs" again, they are being dropped and bounced? i can see the subject "Microsoft outlook test message" which is part of the login process.

i'm guessing its failing because the client isnt getting a response from the test emails.

Just for thoroughness, I've yet to add an SSL to my mail server or XG box (I assume it will be the same one). once I work out where to buy one, that will be done too. (are they just the same as web SSLs?)

Tia

Dave



This thread was automatically locked due to age.
Parents
  • 0

    Hello David,

    Thank you for contacting the Sophos Community.

    I don't have much experience with hMailServer on Outlook, I use Thunderbird usually if using hMailServer, but probably the connection will fail with exchange because of the certificate,  try using Thunderbird, it’ll only warn you about it but will allow you to see if there are any emails.

    Additionally, check on the Advanced options of hMailServer if you have any warning for IP Ranges for "My Computer" and "Internet".

    Regards,

  • 0 in reply to emmosophos

    Thank you for the response Emmanuel,

    I've setup a PC in the DMZ network, and installed mailbird. This is working fine for receiving / sending emails externally.

    So its just something to do with firewall rules allowing external clients to connect up to the mail server.

    it auto generated the policy "auto added firewall rule for MTA"  which had SMTP/ SMTP(S). I added to this IMAP/ IMAPS

    I did try to create a second policy to allow TCP (25, 465, 587, 143, 993) through the mail server, but that didn't work either.. so removed it.

Reply
  • 0 in reply to emmosophos

    Thank you for the response Emmanuel,

    I've setup a PC in the DMZ network, and installed mailbird. This is working fine for receiving / sending emails externally.

    So its just something to do with firewall rules allowing external clients to connect up to the mail server.

    it auto generated the policy "auto added firewall rule for MTA"  which had SMTP/ SMTP(S). I added to this IMAP/ IMAPS

    I did try to create a second policy to allow TCP (25, 465, 587, 143, 993) through the mail server, but that didn't work either.. so removed it.

Children
No Data