This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Feature Request: Ability to maintain a manual Recipient Validation list in the UI

We currently rely on SCP configuration sync to upload our Recipient Validation List.

The other possibilities do not work for us.

Most of the times the SCP sync works just fine but unfortunately the latest software upgrade (v.4.4.1.0) broke our sync feature.

Therefore, we are not able, at the moment, to make any changes in our Recipient Validation list. New employees are not able to receive external emails.

Although we have opened a support case we are not able to make any changes for a week now and we have not received any options from support (yet).

In stead of doing syncs it would be much better and easier to maintain a manual Recipient Validation List in the UI.

Now, we need to update the list and scp sync this to our virtual appliance.
For maintaining a manual list it is much easier to make these changes directly in the UI and apply them.
This would also reduce the chance on failures compared to syncing.

So, please make this option available in the UI.



This thread was automatically locked due to age.
  • Just to clarify

    Are you saying something like

    pscp -i testkey -P 1232 SOPHOS_RECIPIENT_VALIDATION sophosscp@192.168.5.7:

    is failing after the update?

    or you would just like to see it automated via the ui and it works?

  • That is correct: pscp -i testkey -P 1232 SOPHOS_RECIPIENT_VALIDATION sophosscp@192.168.5.7: does not work anymore since the upgrade

    We now get the following error: Fatal: Network Error: Connection Refused

    We have opened a support case, we also have a number but we do not get any response to this call.

    Because it is very important for us to keep this list updated we have disabled yesterday the configuration sync configuration and tried to upload the public key again.

    This also does not work anymore. When I upload the public key it says: Public key uploaded. Click apply to commit changes. When we apply, we get the error: No public key has been uploaded.

    So, at the moment this also does not work.

    Till yesterday, we had in the system health an error: Process health - At least one process is not starting properly - Sophos technical support has been notified
    This error was here since the upgrade.
    Yesterday, I disabled the configuration sync, which also removed the public key. I noticed this morning that the Process Health error which we had since the upgrade has disappeared overnight!

    So, our system seems ok again but I am still in the situation that I cannot upload the public key and therefore I cannot configure SCP sync again and still cannot update the Recipient Validation file.

    Therefore, our thought was why can't this be done in the UI instead of syncing.
    Something like the User Groups which can be made under Accounts.
    Or even better, make it possible to select User Groups, which are already there, to also be added to the recipient validation list.

    or you would just like to see it automated via the ui and it works?

    Yes

  • sounds like perhaps the putty key expired..  (or some other kind of network error/blockage) maybe a firewall rule or something.  I'll assume your on windows.. here is my complete coles notes.. please have a quick look over it and make sure no steps were missed. (or regenerate a new key and try that) 

     

    Windows

    Step #1:
    download the full version of putty
    www.chiark.greenend.org.uk/.../latest.html
    install to \programfiles\putty
    goto the start menu under /putty
    select puttygen
    type of key to generate : RSA
    length 2048
    Wiggle the mouse to generate the keys
    when the key generation is complete save name it testkey
    save them both to your desktop

    Step #2:
    log into the appliance
    upload testkey / configuration / System / Configuration Sync
    select the appliances to sync with
    press apply

    Step #3:
    right click on the desktop
    select new .txt file
    call it SOPHOS_RECIPIENT_VALIDATION.txt
    open notepad++
    copy/paste in the email addresses
    save the file
    click to select, F2 .. remove the .txt extension

    Step #4:
    right click on mycomputer
    from control pannel home, select advanced system settings
    under the advanced tab, select "enviromental settings"
    click path / edit
    add ;\programfiles\putty
    save it
    command + r
    cmd
    cd \user\desktop (or where ever you put the teskey-p.ppk file)
    pscp -i testkey -P 1232 SOPHOS_RECIPIENT_VALIDATION sophosscp@192.168.5.7:

     

    other notes: ensure your file does NOT contain windows carriage return line feeds..   (just google name of text editor and convert crlf to unix)   that will also case the upload to fail..

     

    if you are able to try these steps and it still fails, leave me the case number and I can have a look

  • Just an update,

     

    development has confirmed and issue with the daemon, there is a patch and it will be released soon.  Ensure your case is linked to the appropriate jira and you will receive the patch first. 

  • Hi Red_Warrior,

    Thanks for this update!

    That explains why we are not able to upload the public key again.

    And also, that after switching off the configuration sync option our System Health suddenly turned to green again.

    We really look forward to receive this patch soon.

    How do I link our case to this appropriate Jira?

    Cheers,

    Marc

  • Sorry I forgot to include it .. 

    the JIRA is SEA-1424

  • FYI

    Sophos Technical Support has just successfully patched our system.

    We are now able again to SCP sync our recipient validation list.

    Still, we hope that our feature request, to make these mutations directly in the UI, will be made possible in a future upgrade.

    Thank you for your support.