This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Check logs for outbound SMTP traffic

Hello,

We have an old linux server we use to send emails with. It was set up by an employee who is no longer with the company, and no one has the login. We think we have moved all of our services off this server, so we think it is no longer being used. Is there a way to find out for sure that this linux server is no longer sending emails? Can I look through the logs for outbound traffic on port 25? I'm in the Sophos Central --> Firewall Management --> Report Generator and see a bunch of templates. I also see a query field below that. If I fill out a query, is that only querying against the template, or does this custom field bypass the template? I  just put the source IP of the mail server in there, choose last 7 days, and generated the report. Am I going about this the right way?



This thread was automatically locked due to age.
Parents Reply Children
  • Logviuewer has many tabs.

    Ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

  • I see now. I guess I call those "drop-downs". So does the email section in log viewer show all smtp connections going through it by default, or do I have to be using Sophos email protection for any data to be here? Regardless, my reports partition kept filling up and wasn't deleting old data, so I had to literally uncheck every"local" checkbox in the log options to send to the cloud instead. There are no logs being kept on the firewall anymore and I can't find in Report Generator where to see what IP connections if any are going to this SMTP server. I can find areas that show neat colorful graphs and it shows the AMOUNT of SMTP connections, but no source/destination IPs -- what I'm really trying to find.