Outlook : Sent test email message : The server responded : 550 Administrative prohibition (SMTP 465)

 Hi guys, I'm so sorry, I'm new to this. I got my new setup for Outlook but I can't use it because my Sophos UTM 9 firewall blocks it.

I tried to create a Firewall rule, NAT masquerading and a NAT rule, but it's still not working; maybe my setup is wrong. Could anyone help me solve this issue?

 

HERE'S THE OUTLOOK SETTING:

Incoming Mail Server: mail72.extendcp.co.uk (79.170.44.72)

POP3 port: 995 / IMAP:993

Outgoing Mail Server: mail72.extendcp.co.uk (79.170.44.72)

SMTP port: 465

Secure Sockets Layer (SSL): On 

Also use Password for Authentication method

 

Thank you!

  • Hi  

    If you're using the Email Protection module in the UTM 9, please refer to this KBA: Sophos UTM: Email Protection Basics.

    If you're not, then a simple masquerading rule and a Firewall rule to allow the traffic from your Source machine with Services as Specified in your outgoing mail server and destination as mentioned in the same config would allow the traffic to pass through the firewall. I'd also recommend reading this amazing guide here by Bob.

  • In reply to Jaydeep:

    Live Log: Intrusion Prevention System
    2019:08:22-00:05:54 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.194" proto="17" length="442" tos="0x08" prec="0x20" ttl="41" srcport="5530" dstport="7860"
    2019:08:22-00:05:54 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.195" proto="17" length="442" tos="0x08" prec="0x20" ttl="41" srcport="5530" dstport="7860"
    2019:08:22-00:05:54 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.197" proto="17" length="442" tos="0x08" prec="0x20" ttl="41" srcport="5530" dstport="8260"
    2019:08:22-00:05:54 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.198" proto="17" length="442" tos="0x08" prec="0x20" ttl="42" srcport="5530" dstport="7860"
    2019:08:22-00:05:55 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.200" proto="17" length="442" tos="0x08" prec="0x20" ttl="41" srcport="5530" dstport="8360"
    2019:08:22-00:05:55 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.201" proto="17" length="441" tos="0x08" prec="0x20" ttl="41" srcport="5530" dstport="7860"
    2019:08:22-00:05:55 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.202" proto="17" length="442" tos="0x08" prec="0x20" ttl="42" srcport="5530" dstport="7860"
    2019:08:22-00:05:55 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.204" proto="17" length="442" tos="0x08" prec="0x20" ttl="42" srcport="5530" dstport="7860"
    2019:08:22-00:05:55 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.205" proto="17" length="438" tos="0x08" prec="0x20" ttl="41" srcport="5530" dstport="8260"
    2019:08:22-00:05:57 utm ulogd[24051]: id="2102" severity="info" sys="SecureNet" sub="ips" name="portscan detected" action="portscan" fwrule="60017" initf="eth1" outitf="eth1" srcmac="00:14:a9:23:24:21" dstmac="00:1a:8c:41:6b:3d" srcip="185.53.88.42" dstip="202.124.147.207" proto="17" length="442" tos="0x08" prec="0x20" ttl="41" srcport="5530" dstport="8260"
     
    Here's the log. Can anyone help me analyze this log to unblock SMTP 465, please?
  • Hi Jojie and welcome to the UTM Community!

    The lines in the Intrusion Prevention log are not related to the issue that led you to start this thread.

    If you're using either the POP3 or SMTP Proxy, please show pictures of the Edits of the relevant configuration.  Also, pictures of the Edits of your Firewall and NAT rules.

    "Also use Password for Authentication method" - which password, for what and where?

    Cheers - Bob
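
The point in the reply above can be checked mechanically: the posted IPS lines are UDP (proto="17") from a single outside address and never involve the mail server or port 465. The Python below is an added example, not code from the thread; it uses two of the posted log lines shortened to the fields it reads, plus a third packet-filter line that is constructed to show what a relevant entry would look like.

```python
import re
from collections import Counter

# Mail server and ports as given in the thread's Outlook settings.
MAIL_SERVER_IP = "79.170.44.72"
MAIL_PORTS = {"465", "993", "995"}
TCP = "6"  # IP protocol number for TCP; the posted IPS lines carry proto="17" (UDP)
FIELD_RE = re.compile(r'(\w+)="([^"]*)"')

# Lines 1-2: from the thread's log, shortened to the fields used here.
# Line 3: CONSTRUCTED packet-filter entry (internal source address is an assumption).
SAMPLE_LOG = """\
2019:08:22-00:05:54 utm ulogd[24051]: id="2102" sub="ips" name="portscan detected" action="portscan" srcip="185.53.88.42" dstip="202.124.147.194" proto="17" srcport="5530" dstport="7860"
2019:08:22-00:05:54 utm ulogd[24051]: id="2102" sub="ips" name="portscan detected" action="portscan" srcip="185.53.88.42" dstip="202.124.147.197" proto="17" srcport="5530" dstport="8260"
2019:08:22-00:06:10 utm ulogd[24051]: id="2001" sub="packetfilter" name="Packet dropped" action="drop" srcip="192.168.1.10" dstip="79.170.44.72" proto="6" srcport="50123" dstport="465"
"""


def parse_line(line):
    """Split one UTM log line into a dict of its key="value" fields."""
    fields = dict(FIELD_RE.findall(line))
    fields["timestamp"] = line.split(" ", 1)[0]
    return fields


def is_mail_traffic(entry):
    """True only for TCP packets to or from the mail server on a mail port."""
    if entry.get("proto") != TCP:
        return False
    ends = [(entry.get("srcip"), entry.get("srcport")),
            (entry.get("dstip"), entry.get("dstport"))]
    return any(ip == MAIL_SERVER_IP and port in MAIL_PORTS for ip, port in ends)


def triage(log_text):
    """Return (mail-related entries, Counter of (sub, proto, srcip) for the rest)."""
    related, unrelated = [], Counter()
    for line in log_text.splitlines():
        entry = parse_line(line)
        if "srcip" not in entry:
            continue  # not a packet log line
        if is_mail_traffic(entry):
            related.append(entry)
        else:
            unrelated[(entry.get("sub"), entry.get("proto"), entry["srcip"])] += 1
    return related, unrelated


if __name__ == "__main__":
    related, unrelated = triage(SAMPLE_LOG)
    print(len(related), "mail-related;", dict(unrelated))
```

An empty `related` list for the period of the failed send means the firewall logged nothing about the SMTP session, which points the investigation away from these log entries.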

  • In reply to BAlfson:

    Firewall Rule:

    Masquerading:

    Outlook Setup (From our Email Provider):

    Incoming Mail Server: mail72.extendcp.co.uk (79.170.44.72)

    POP3 port: 995 / IMAP:993

    Outgoing Mail Server: mail72.extendcp.co.uk (79.170.44.72)

    SMTP port: 465

      

    And here's the error:

     

    I'm not sure about this one:

     

    Did I miss something? Thank you!

  • Did your Outlook profile (additional settings) specify that your outgoing server requires authentication?

  • In reply to Jojie Binuya:

    I bet Doug's answer is what you needed.  Your NAT and firewall rules should do what you need, but they include things you don't need.  Since you have "Any" in the firewall rule, including those other Services is redundant.  Because you have the Masquerading and firewall rules, the SNAT is redundant and should be deleted.

    Cheers - Bob
    PS Moving this to the Network Protection forum since neither the SMTP nor the POP3 proxy is in use.

  • In reply to BAlfson:

    Hi, honestly I also noticed that, but thank you so much for this info. By the way, the real cause of this issue is our public IP address.

     

    It is blacklisted, and we found out using MXtool.

     

    Thank you everyone!