Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 2 subscribers
  • Views 1435 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[9.103-5][BUG]URL bug in Quarantine Report Email

JimmyJoeBob
UTM FW 9.103-5

Summary:
When the periodic EMail Quarantine Report is created, two URLs are built for the Action column to support Release and Whitelist actions for each email in the report. Clicking these URLs result in a failed connection to the UTM. 

Repro:
1. Enable Quarantine reports under Email Protection->Quarantine Report->Global.
2. Populate the SMTP hostname field (mail.domain.tld) in SMTP->Advanced->Advanced Settings
3. Populate the Hostname field (utm1.domain.tld) in Email Protection->Quarantine Report->Advanced
4. Generate Quarantine Reports

Expected:
Quarantine Action URLs would be built using the Hostname defined under Email Protection->Quarantine Report->Advanced (utm1.domain.tld). 

Actual:
Quarantine Action URLs are built using the SMTP Hostname (mail.domain.tld) defined in Email Protection->SMTP->Advanced->Advanced Settings, even if the Hostname is defined under Email Protection->Quarantine Report->Advanced. If mail.domain.tld resolves to any host other than the UTM, the connection will fail.


This thread was automatically locked due to age.
Parents
  • 0
    Kewl - t'anxq, Bob!

    Sophos XG1 (SFOS 17.5.9 MR-9) on ProtectLi FW2B

  • 0 in reply to JimmyJoeBob
    This still seems to be a problem with 9.202. I have one site with a UTM 220 that originally had 8.something and Release Links work correctly on it even though it is now at 9.202.
    However, I have a new site with a new UTM 220 that came with 9.X and Release Links fail as described, it's using the SMTP Host name instead of the Quarantine host name.
    The other difference between the sites, is the first is using SSO with AD and the second is not.
    Anybody have a solution for this?
Reply
  • 0 in reply to JimmyJoeBob
    This still seems to be a problem with 9.202. I have one site with a UTM 220 that originally had 8.something and Release Links work correctly on it even though it is now at 9.202.
    However, I have a new site with a new UTM 220 that came with 9.X and Release Links fail as described, it's using the SMTP Host name instead of the Quarantine host name.
    The other difference between the sites, is the first is using SSO with AD and the second is not.
    Anybody have a solution for this?
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?