Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 4 subscribers
  • Views 3667 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Gmail und GMX Zertifkat

arash guru

Hallo,

Ich bin neue in sophos welt und jetzt habe ein Sophos UTM 9.4 Home im betrieb als hardware verwnde ich ein Zotac Ci 323.

Ich habe ein problem mit Email Protection und zwar POP3 proxy lasst alle emails einfach durch,so dass keine überprufung durchgeführt wird,

das steht in log datei von POP3 :

2016:12:10-17:18:21 ut pop3proxy[8613]: Master started
2016:12:10-17:18:27 ut pop3proxy[8613]: Reloading configuration
2016:12:10-17:19:18 ut pop3proxy[8613]: Reloading configuration
2016:12:10-18:01:34 ut pop3proxy[8613]: Reloading configuration
 
und in Dashboard :
 
POP3 Proxy is active, 0 emails processed, 0 emails blocked

Kann bitte jemand mir helfen und sagen Wie ich ein Zertifkat von GMX und Gamil Extrahieren und in Sophos UTM hochladen.

 

Ich bin für jede Hilfe sehr dankbar. Ich suche schon lange nache einer Lösung.

lg. arash



This thread was automatically locked due to age.
Parents
  • 0

    Hallo,

     

    du benötigst hier kein Certificate von GMX sondern das Certificate, dass die Endpoint Clients annehmen. 

     

    Da dies ein POP3 Proxy ist, intercepted dieser die Connection und liefert dann in seinem Namen die Daten an die Endpoints weiter.

     

    Mehr dazu in der Onlinehilfe:

     

    TLS Settings

    Scan TLS encrypted POP3 traffic: If enabled, the UTM will scan TLS encrypted POP3 traffic. For this to work, TLS certificates have to be defined for the POP3 servers accessed by the POP3 clients (see POP3 Servers and Prefetch Settings section above and TLS certificate checkbox below).

    If disabled, and a POP3 client tries to access a POP3 server via TLS, the connection will not be established.

    TLS certificate: Select a certificate from the drop-down list which will be used for TLSClosed encryption with all POP3 clients supporting TLS and trying to access a POP3 server that either is not listed in the POP3 servers box above or does not have a matching TLS certificate associated. The selected certificate will be presented to the POP3 client. POP3 clients usually verify that the TLS certificate presented by the POP3 server matches the configured POP3 server name. For this reason, most POP3 clients will display a warning that the certificate's hostname does not match the expected configured POP3 server's name. However, the user can dismiss the warning and connect nevertheless. If you want to avoid this warning, add all used POP3 servers to the POP3 servers box above and configure matching TLS certificates for each of them.

    If no certificate is selected here, and a POP3 client tries to access a POP3 server via TLS that is not listed in the POP3 servers box or does not have a matching TLS certificate associated, the connection will not be established.

    __________________________________________________________________________________________________________________

Reply
  • 0

    Hallo,

     

    du benötigst hier kein Certificate von GMX sondern das Certificate, dass die Endpoint Clients annehmen. 

     

    Da dies ein POP3 Proxy ist, intercepted dieser die Connection und liefert dann in seinem Namen die Daten an die Endpoints weiter.

     

    Mehr dazu in der Onlinehilfe:

     

    TLS Settings

    Scan TLS encrypted POP3 traffic: If enabled, the UTM will scan TLS encrypted POP3 traffic. For this to work, TLS certificates have to be defined for the POP3 servers accessed by the POP3 clients (see POP3 Servers and Prefetch Settings section above and TLS certificate checkbox below).

    If disabled, and a POP3 client tries to access a POP3 server via TLS, the connection will not be established.

    TLS certificate: Select a certificate from the drop-down list which will be used for TLSClosed encryption with all POP3 clients supporting TLS and trying to access a POP3 server that either is not listed in the POP3 servers box above or does not have a matching TLS certificate associated. The selected certificate will be presented to the POP3 client. POP3 clients usually verify that the TLS certificate presented by the POP3 server matches the configured POP3 server name. For this reason, most POP3 clients will display a warning that the certificate's hostname does not match the expected configured POP3 server's name. However, the user can dismiss the warning and connect nevertheless. If you want to avoid this warning, add all used POP3 servers to the POP3 servers box above and configure matching TLS certificates for each of them.

    If no certificate is selected here, and a POP3 client tries to access a POP3 server via TLS that is not listed in the POP3 servers box or does not have a matching TLS certificate associated, the connection will not be established.

    __________________________________________________________________________________________________________________

Children
  • 0 in reply to LuCar Toni

    Hallo, Danke für deine Antwort, aber es funktioniert bei mir nicht und ich habe in diesem forum lange gesucht und verschiedene antworten gesehen aber ich bringe es nicht zu laufen,vor allem habe probleme mit iphone und ipad

    hier ist meine pop3 log datei,kannst mir sagen wo das Problem ist?

    Danke für deine Hilfe

    017:01:19-21:13:08 ut pop3proxy[26836]: Client 192.168.7.51 logged out
    2017:01:19-21:13:08 ut pop3proxy[26842]: Client 192.168.7.51 logged out
    2017:01:19-21:13:08 ut pop3proxy[26836]: Failed to shutdown SSL connection
    2017:01:19-21:13:08 ut pop3proxy[26842]: Failed to shutdown SSL connection
    2017:01:19-21:13:08 ut pop3proxy[26848]: Client 192.168.7.51 logged out
    2017:01:19-21:13:08 ut pop3proxy[26848]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26860]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26866]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26862]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26859]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26869]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26872]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26871]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26868]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26873]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26864]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26865]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26860]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26860]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26870]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:09 ut pop3proxy[26864]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26864]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26866]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26866]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26859]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26859]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26868]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26868]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26862]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26862]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26872]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26872]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26873]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26873]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26865]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26865]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26869]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26869]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26871]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26871]: Failed to shutdown SSL connection
    2017:01:19-21:13:09 ut pop3proxy[26870]: Client 192.168.7.51 logged out
    2017:01:19-21:13:09 ut pop3proxy[26870]: Failed to shutdown SSL connection
    2017:01:19-21:13:17 ut pop3proxy[26893]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:13:17 ut pop3proxy[26893]: Client 192.168.7.51 logged out
    2017:01:19-21:13:17 ut pop3proxy[26893]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26990]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26988]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26989]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26998]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26991]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[27001]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[27003]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26999]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[27000]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26996]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[27002]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26997]: Accepted client connection from 192.168.7.51 for 85.124.251.69 (pop.sprit.org Servers server_id 1)
    2017:01:19-21:14:31 ut pop3proxy[26990]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26990]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26988]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26988]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26998]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26998]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26991]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26991]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26997]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26997]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26989]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26989]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[27003]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[27003]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[27001]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[27001]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[27002]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[27002]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26996]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26999]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[26996]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[27000]: Client 192.168.7.51 logged out
    2017:01:19-21:14:31 ut pop3proxy[27000]: Failed to shutdown SSL connection
    2017:01:19-21:14:31 ut pop3proxy[26999]: Failed to shutdown SSL connection

  • 0 in reply to arash guru

    Hi,

     

    "vor allem habe probleme mit iphone und ipad"

     

    Bedeutet dies, die anderen Clients funktionieren?

     

    Hast du das Certificate, dass du hier für POP3 verwendest, auch auf die Clients ausgerollt? 

     

    Gruß Luca. 

    __________________________________________________________________________________________________________________

Unfiltered HTML