quarantined email release fails

Releasing has recently gone wrong on my macos Sierra machine.

Tried it with Safari, Firefox and Chrome but all fail:

Safari:
Safari Can't Open the Page "https://<fqdn>:3840/release.plc?proto=smtp&mp;cluster_id=0&amp;message_id=1c2X06-0006pM-MV&amp;size=3469&amp;whitelist;0" because Safari can't establish a secure connection to the server "<fqdn>".

Firefox:
Secure Connection Failed
An error occurred during a connection to vgk.rcan.nl:3840. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

 

Chrome:
This site can’t provide a secure connection
<fqdn> sent an invalid response
Try running Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR

 

Update:

Now, a day later I found out that Safari is redirecting the http://<fqdn>:3840 to a https request. Odd. anyone experiencing similar issue?

 

Adrie

  • Hi Adrie,

    No instance yet discovered. I will check with support if any relevant case is reported.

    Thanks

  • In reply to sachingurung:

    Did support have any idea what causes safari to redirect http into https?

  • Hi Adrie,

    No issue reported yet. Check in the smtp.log when you release the quarantined mail, do you see any errors? 

    "Releasing has recently gone wrong on my macos Sierra machine." Did you mean that the emails are releasing perfectly through a Windows system?

    Thanks

  • In reply to sachingurung:

    I wouldn't know, I do not have access to a windows PC. 

    What I know is that, on the same macos machine, Firefox and Chrome are working.

    Cheers. Adrie

  • In reply to AdrieRijnart:

    Hi Adrie,

    Your last response contradicts your actual question. All the three browser were not able to release emails as per your question!

    Thanks

  • In reply to sachingurung:

    Hi,

    Initially I thought it concerned any browser on my mac, but as I stated in the Update in that message I found out it only happens with Safari.

    I recently found out that if I use a hostname, Safari will use https even if i type http://fqdn:3840/....

    Last week I logged into the utm and learned that https is not configured for quarantine release.

    A solution would be to have sophos configure https too!

     

    Ciao.

  • In reply to AdrieRijnart:

    "Last week I logged into the utm and learned that https is not configured for quarantine release.

    A solution would be to have sophos configure https too!"

    Is your issue resolved?  I can't remember a time when the links in the Quarantine Report weren't https, so I'm confused by your comments I've quoted.

    Cheers - Bob

  • In reply to BAlfson:

    Hi Bob,

    The hasn't been resolved. Well that is strange while the virtualhost only defines the http host and the link in the release mail is "http://..." too.

     

    Do you have a suggestion to solve this?

     

    Regards. Adrie

  • In reply to AdrieRijnart:

    Well, you're right - thanks!  I've always assumed it was HTTPS and I knew it hadn't changed.

    Try a Google on stop chrome from redirecting to https.

    Cheers - Bob

  • In reply to BAlfson:

    :/

    Thanks.

    Actually it the problem occurs with Safari and I have google'd it, but found no solution.

     

    Adrie

  • In reply to AdrieRijnart:

    The first three results on google.com and google.nl are the same, and each describes what to do.

    Cheers - Bob

  • In reply to BAlfson:

    I have had my chances with google a couple of times before, thank you  :p

     

    I did try the suggestions with HSTS and cache clearing etc. but none of the suggestions solved my issue.

     

  • In reply to Adri Rijnart:

    I'm sorry that those weren't helpful, Adrie.  I don't ever remember this being an issue here though, so I have no other suggestion.  It works perfectly in Safari on my iPhone.

    Cheers - Bob

  • In reply to BAlfson:

    For the moment I entered the ipv4 address instead of the fqdn. 

  • In reply to Adri Rijnart:

    En het werkte?

    That points to a problem with DNS  configuration.   How does your setup differ from DNS Best Practice?

    Cheers - Bob