Hi there. I will apologize in advance as I'm a bit of a noob, dealing with what is likely a relatively trivial problem. In any event, I'm running a Ubuntu 14.04 server with postfix and attempting to use the e-mail protection features of Sophos UTM (9.315). I've set up postfix as a satellite system pointing to the UTM on a separate box. I've gone through the standard Ubuntu tutorials on setting up postfix and all seems to be working on that end. I've also perused the forums and read the guides and watched the video.
Under routing, I've set my domain name and am using a static host list pointing to the server running postfix. I have verify recipients with callout.
Antivirus, Antispam and Data Protection are all the default settings.
Under Relaying, Upstream Host List and Authenticated Relay are all blank. I've included my server under "Host-based Relay".
Under Advanced, it's all just the default. Transparent routing is off.
Incoming e-mail seems to be working fine. However, all outbound mail just seems to get stuck in the SMTP Spool on the UTM. When I view a message on the spool, I see the following:
2015-08-06 12:08:07 ASPMX.L.GOOGLE.COM [173.194.197.27]:25 Connection timed out
2015-08-06 12:10:14 ALT1.ASPMX.L.GOOGLE.COM [64.233.190.27]:25 Connection timed out
2015-08-06 12:12:22 ALT2.ASPMX.L.GOOGLE.COM [74.125.24.27]:25 Connection timed out
2015-08-06 12:14:29 ASPMX2.GOOGLEMAIL.COM [173.194.206.27]:25 Connection timed out
The only thing I can think of is that it seems that the UTM is not using TLS (otherwise presumably the above would show 465 (or is it 587) rather than 25. However, according to the help file Sophos attempts to negotiate TLS automatically. I selected the WebAdmin cert for use with TLS.
So here's the dumb question - is outbound e-mail stuck because I need to use a CA issued cert for my domain in order for e-mail to be sent out? If that 's not the issue, any suggestions on how I might go about troubleshooting this further would be most appreciated.
This thread was automatically locked due to age.
