Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 3414 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problem with SMTP port 255 in Sophos UTM 9.602-3.1 Home

Javier Lasala

Good day to the whole community, first of all I want to tell you that I am very new to the topic and I am trying to implement the Sophos UTM 9.602 Home. I have everything installed and with some basic configurations and it works great, my problem is presented with the email accounts that I have configured in Microsoft Outlook (they are pop accounts) which use the SMTP port 255 and some of the firewall blocks it with which I can not send any mail. The strange thing is that the send / receive test that the outlook does when setting up the account does it well and does not give any error, but when I generate a new mail I can not get it to come out.
I have the SMTP Proxy deactivated, please if someone can help me, I am going to thank you very much since I have been working with this issue for a couple of days.

Thank you

Javier



This thread was automatically locked due to age.
Parents
  • 0

    This sounds like a common Outlook configuration error, which has nothing to do with UTM.  In your Outlook profile, change the mail account, the choose Morel Settings, then Outgoing Server tab.   Check the boxes for "Outgoing server requires authentication" and "use the same settings as my incoming mail server".  The test works because the incoming mail is tested first, making you authenticated.

    SMTP Proxy is only useful if you have a mail server inside your house.   This does not seem to be your situation, so leave it disabled.

    Since you are using POP, you should use the POP proxy.  Most residential mail systems have pretty weak spam filters.   The UTM POP proxy gives you a little extra protection, because it will replace a suspicious message with a placeholder.   If a false positive occurs, you should be able to view it using the vendor's webmail interface.  (Not necessarily wise, but possible.)

  • 0 in reply to DouglasFoster 
    Thank you very much for your clarifications. 
    The issue is that if I replace the Sophos UTM with a common router (keeping the same configuration of Microsoft Outlook) I can send without problems. 
    The problem occurs when going through the Sophos UTM.
Thank you
  • 0 in reply to Javier Lasala

    That's way too much to deal with, Javier.  Try again with the Live Log running.  Show us several lines from the full log file corresponding to the lines in the Live Log where you saw a problem.

    There are already some problems we can see that you need to address...

    In one line above, I saw srcip="192.168.5.199" dstip="192.168.5.1" - drops out of the INPUT chain (fwrule="60001") of TCP 2555. Why is .199 sending port 2555 traffic to the UTM's Internal interface?

    You mentioned port 255, but I did not see anything in the logs about that port.

    The drops of RST packets related to TCP 443 are not unusual, but it suggests that there may be latency in the connection.  See if those errors go away if you do the following on the command line as root: cc set http response_timeout 120

    The drops of UDP 443 mean that you don't have a firewall rule allowing Google QUIC.  If you want to force HTTPS traffic through Web Filtering, just make a firewall rule like 'Any -> {UDP 443} -> Internet IPv4 : Drop'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to Javier Lasala

    That's way too much to deal with, Javier.  Try again with the Live Log running.  Show us several lines from the full log file corresponding to the lines in the Live Log where you saw a problem.

    There are already some problems we can see that you need to address...

    In one line above, I saw srcip="192.168.5.199" dstip="192.168.5.1" - drops out of the INPUT chain (fwrule="60001") of TCP 2555. Why is .199 sending port 2555 traffic to the UTM's Internal interface?

    You mentioned port 255, but I did not see anything in the logs about that port.

    The drops of RST packets related to TCP 443 are not unusual, but it suggests that there may be latency in the connection.  See if those errors go away if you do the following on the command line as root: cc set http response_timeout 120

    The drops of UDP 443 mean that you don't have a firewall rule allowing Google QUIC.  If you want to force HTTPS traffic through Web Filtering, just make a firewall rule like 'Any -> {UDP 443} -> Internet IPv4 : Drop'.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML