
UTM email protection and Postfix internal mail server

Hi,

I want to implement Sophos email protection.

I have Sophos UTM 9.505 already installed.

My internal mail server: Postfix on an Ubuntu 14 server with virtual users and a virtual domain.

Now I am using SpamAssassin and ClamAV on the same server, and I want to separate antivirus/antispam using Sophos email protection.

I configured email protection in UTM:

global > simple mode

routing > domains > my internal domain name

routing > host list > my internal mail server

I configured NAT for IMAP/IMAPS to the internal mail server (for external mobile and Outlook clients).

When I receive mail from servers, it works fine: a server like Google Mail > UTM > internal recipients.

But clients like Outlook or mobile devices that send mail via port 25 fail to send mail.

In the email protection logs I see "relay not permitted"... the client is trying to send via the Sophos relay and not the internal relay.

How can I configure it so that the client will relay through the internal mail server for sending mail, and will not automatically relay through Sophos UTM to send mail?

Thanks



  • Clients should be submitting their messages to your mail server, not to UTM.  

    Have you given the same host name to both your mail server and UTM?  This will also cause problems.

    The message means that something is trying to send, claiming to be from your domain, without going through your mail server.

  • It's not the same host.

    I will correct my problem:

    LAN LAG Sophos FW 192.168.1.1

    WAN LAG Sophos FW (PPPoE connection, Internet IP address, it's also the public Internet MX)

    mail server LAN IP 192.168.1.100

    Email protection in UTM:

    global > simple mode

    routing > domains > my EXTERNAL domain

    routing > host list > my internal mail server IP address 192.168.1.100

    I configured NAT for IMAP/IMAPS to the internal mail server (for external mobile and Outlook clients from the Internet).

    When someone sends mail from servers like the Google Mail server, it works fine: the Google Mail server looks up the public MX > the public MX points to the Sophos WAN LAG Internet IP > email protection checks recipients, scanning > moves on to the mail server on the LAN.

    But I have Outlook clients and mobile clients (which are coming from the Internet area).

    Outlook configuration is: SMTP - IP address of my FW WAN LAG

    IMAP - IP address of my FW WAN LAG

    And it does not work... the SMTP connection from Outlook is trying to relay through Sophos, and not the internal mail server. The authentication process for relaying rights must point to the internal server, and it tries to check relaying rights just on the Sophos email service...

    When I am working with NAT (without email protection), it works: SMTP/smtpd points to the internal mail server and works.

     

  • Hi, Eli, and welcome to the UTM Community!

    Please compare your configuration to Basic Exchange setup with SMTP Proxy.  Also, show us pictures of the Edits of the relevant NAT rules.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • This happens because UTM owns port 25 if "transparent mode" is checked. Try to reach the internal mail server on a different port with a DNAT rule. Or see authenticated users in the Advanced tab.
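
The different-port suggestion above, sketched for the Postfix side as an added example (it is not from any poster in this thread): a separate, authentication-only submission listener that a UTM DNAT rule can point at, leaving port 25 to the SMTP proxy. Port 587, the existing SASL/TLS setup in main.cf and the DNAT rule itself are assumptions.

```conf
# /etc/postfix/master.cf on the internal mail server (192.168.1.100 in this thread).
# Added example: dedicated submission listener for Outlook and mobile clients,
# so they stop connecting to port 25 on the WAN address.
#
# Assumptions (not from the thread):
#   - port 587 is used for submission and is not answered by the UTM itself
#   - SASL authentication and a TLS certificate are already configured in
#     main.cf (smtpd_sasl_type / smtpd_sasl_path, smtpd_tls_cert_file /
#     smtpd_tls_key_file), since authenticated sending worked with plain NAT
#   - a UTM DNAT rule forwards TCP 587 arriving on the WAN address to
#     192.168.1.100, like the existing IMAP/IMAPS rule
#
# What the overrides below do:
#   smtpd_tls_security_level=encrypt  refuse sessions that do not use STARTTLS,
#                                     because credentials cross the Internet
#   smtpd_tls_auth_only=yes           never offer AUTH before TLS is active
#   smtpd_client_restrictions /
#   smtpd_relay_restrictions          only authenticated users may connect and
#                                     relay; everything else is rejected, so
#                                     the forwarded port is not an open relay
#
# service    type  private unpriv  chroot  wakeup  maxproc command
submission   inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_auth_only=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
```

Port 25 on the mail server keeps accepting inbound mail handed over by the UTM; after `postfix reload`, the clients' outgoing server setting is changed to the submission port with STARTTLS and their mailbox credentials.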

  • Configuring outside Outlook with HTTPS access will be the best way. Same inbox and other mailbox features.
