Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 3 subscribers
  • Views 21302 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Testing SMTP for Executive Reports

utmadm

I switched hosting providers last Friday, and now I am not getting daily executive reports. There were no problems with the previous hosting service. I am still tweaking the settings in Management->Notifications->Advanced, and also just updated the FQDN for the outbound mail server in Definitions & Users->Network Definitions. Here is my question:

-> Is there an easy way to get the UTM to test its email notification settings by forcing it to send an email message immediately, instead of waiting for the daily report to be sent?



This thread was automatically locked due to age.
  • 0 in reply to BAlfson

    Hi Bob,

    Here is the latest info:

    TELNET: I tried the telnet "script" above. Here are the results. Note: Port 587 is not open on my UTM firewall:

    * Home computer terminal (through UTM), port 587: Timed out. The "Escape character is..." does not appear. (Remember, this port is not open on the UTM.)

    * Home computer terminal (through UTM, port 465: Saw the "Escape character is...", but nothing else. Connection closed by foreign host appears if I type any command.

    * UTM console as root, port 587: Works as you described in your example. There are slight differences in the accepted command list, but STARTTLS is one of them. 

    * UTM console as root, port 465: Same as port 465 from my home computer above. Any command gets "Connection closed by foreign host"

    Port 587 in Advanced Tab in WebAdmin on UTM (External SMTP Server): 

    This is working. The UTM is sending email notifications and I am receiving them. I have not yet determined whether the email from the UTM to the SMTP server is secured through TLS. I assume so, since the "Use TLS" is checked (enabled) in the WebAdmin interface. I can't explain why this works, because it is not the port that the hosting service wants me to use.

    Port 465 in Advanced Tab in WebAdmin on UTM (External SMTP Server): 

    As I said in previous messages, this doesn't work, but I cannot explain why, especially since this is the port that the hosting services wants me to use. 

    UTM Internal Mail Server (External SMTP Server Disabled):

    This works, too. I have noted before that the UTM appears to have its own mail server. If I disable "External SMTP Server Status" in the Advanced Tab to Off ("0"), the notifications get through.  Frankly, I do not know why this works. You would think that my ISP would prevent me from operating a mail server from my home connection, but apparently not. (A botnet could use the same mechanism to send spam from my home network. Perhaps the ISP allows a time-limited number of outbound status email messages, such as the ones from the UTM, but blocks larger quantities in a short period of time.)

  • 0 in reply to utmadm

    The key to the telnet test is running it from the command line of the UTM.

    If you attempt to telnet to an MTA other than your ISP's smart host, you likely will be blocked.

    Cheers - Bob

  • 0 in reply to BAlfson

    Bob: "The key to the telnet test is running it from the command line of the UTM."

    As you see, I tried both (Terminal on home computer, command line on UTM as root).

    You are right, the telnet test only worked from the UTM console, and only through port 587. It does not work with port 465, although I can't explain why.

    My email client (Apple Mail) sends email using port 465. Port 587 is not open on the UTM firewall. The UTM itself can ignore the port 587 block when it sends, but obviously it won't work from my home computer behind the UTM unless I enable the port in the firewall.

    I am curious to understand this better, but the truth is that I have two ways to make it work for my specific configurations of UTM, ISP, and hosting provider:

    * Disable External SMTP Server in the Advanced tab, which appears to use a built-in mail server in the UTM. 

    * Enable External SMTP Server in the Advanced tab with port 587, TLS, and Authentication enabled. (The same configuration won't work with the hosting service's recommended port 465.)