Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 3411 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with SMTP port 255 in Sophos UTM 9.602-3.1 Home

Javier Lasala

Good day to the whole community, first of all I want to tell you that I am very new to the topic and I am trying to implement the Sophos UTM 9.602 Home. I have everything installed and with some basic configurations and it works great, my problem is presented with the email accounts that I have configured in Microsoft Outlook (they are pop accounts) which use the SMTP port 255 and some of the firewall blocks it with which I can not send any mail. The strange thing is that the send / receive test that the outlook does when setting up the account does it well and does not give any error, but when I generate a new mail I can not get it to come out.
I have the SMTP Proxy deactivated, please if someone can help me, I am going to thank you very much since I have been working with this issue for a couple of days.

Thank you

Javier



This thread was automatically locked due to age.
Parents
  • 0

    This sounds like a common Outlook configuration error, which has nothing to do with UTM.  In your Outlook profile, change the mail account, the choose Morel Settings, then Outgoing Server tab.   Check the boxes for "Outgoing server requires authentication" and "use the same settings as my incoming mail server".  The test works because the incoming mail is tested first, making you authenticated.

    SMTP Proxy is only useful if you have a mail server inside your house.   This does not seem to be your situation, so leave it disabled.

    Since you are using POP, you should use the POP proxy.  Most residential mail systems have pretty weak spam filters.   The UTM POP proxy gives you a little extra protection, because it will replace a suspicious message with a placeholder.   If a false positive occurs, you should be able to view it using the vendor's webmail interface.  (Not necessarily wise, but possible.)

Reply
  • 0

    This sounds like a common Outlook configuration error, which has nothing to do with UTM.  In your Outlook profile, change the mail account, the choose Morel Settings, then Outgoing Server tab.   Check the boxes for "Outgoing server requires authentication" and "use the same settings as my incoming mail server".  The test works because the incoming mail is tested first, making you authenticated.

    SMTP Proxy is only useful if you have a mail server inside your house.   This does not seem to be your situation, so leave it disabled.

    Since you are using POP, you should use the POP proxy.  Most residential mail systems have pretty weak spam filters.   The UTM POP proxy gives you a little extra protection, because it will replace a suspicious message with a placeholder.   If a false positive occurs, you should be able to view it using the vendor's webmail interface.  (Not necessarily wise, but possible.)

Children
  • 0 in reply to DouglasFoster 
    Thank you very much for your clarifications. 
    The issue is that if I replace the Sophos UTM with a common router (keeping the same configuration of Microsoft Outlook) I can send without problems. 
    The problem occurs when going through the Sophos UTM.
Thank you
  • 0 in reply to DouglasFoster

    Actually, Doug, I prefer to configure the SMTP Proxy over the POP3 Proxy for use with hosted email servers.  In most cases, you will want to ask the hoster to disable any anti-spam they supply.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to Javier Lasala

    That's way too much to deal with, Javier.  Try again with the Live Log running.  Show us several lines from the full log file corresponding to the lines in the Live Log where you saw a problem.

    There are already some problems we can see that you need to address...

    In one line above, I saw srcip="192.168.5.199" dstip="192.168.5.1" - drops out of the INPUT chain (fwrule="60001") of TCP 2555. Why is .199 sending port 2555 traffic to the UTM's Internal interface?

    You mentioned port 255, but I did not see anything in the logs about that port.

    The drops of RST packets related to TCP 443 are not unusual, but it suggests that there may be latency in the connection.  See if those errors go away if you do the following on the command line as root: cc set http response_timeout 120

    The drops of UDP 443 mean that you don't have a firewall rule allowing Google QUIC.  If you want to force HTTPS traffic through Web Filtering, just make a firewall rule like 'Any -> {UDP 443} -> Internet IPv4 : Drop'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to Javier Lasala

    But have you checked the settings I indicated?

  • 0 in reply to BAlfson

    My point is that the SMTP Proxy sits in front of a mail server, not in front of Outlook.   The UTM SMTP proxy works if you own a domain, have an ISP that will allow you to accept incoming SMTP traffic, and either have an internal server or have a hosted service that allows you to configure UTM as a trusted forwarder.  For home users, these conditions are not satisfied.

    When UTM only sees the client connection between Outlook and the mail server, POP3 is about all that is useful.   Although Outlook uses SMTP for the outbound portion of a POP or IMAP connection, the most that the SMTP proxy can do in this configuration is filter traffic flowing from Outlook to the mail server.  Most home users are worried about blocking hostile incoming traffic, not blocking their own outbound traffic after they have been infected.   I think it is an open question whether the SMTP proxy can work on a client connection when authentication is needed at the mail server.

    Since the Outlook test works and non-test mode does not work, something is interfering with the authentication process on the SMTP connection.  Either the SMTP proxy is in place and interfering, or the Outlook profile is not sending authentication information at all.   That is why I recommended disabling the proxy and checking the Outlook profile.

     

  • +1 in reply to DouglasFoster

    Thanks for saying a lot of things I didn't take the time to.  We agree - I never recommend using the SMTP Proxy without an owned domain with its own mail server.  Looking back at his first post, he doesn't have the SMTP Proxy activated.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    I noticed that my provider changed the configuration of the SMTP ports and now uses the SSL 465, with which I made the changes in Sophos UTM but I continue with the same problem. I am going to consider this topic closed and I will open a new one indicating the correct data so as not to generate confusion. Thank you so much for everything. regards

Unfiltered HTML