MTA sends SMTP-Packets without an IP-Address (0.0.0.0)

Hello,

in the last few days we have repeatedly had the problem that the MTA has sent the SMTP-Packets to our internal Exchange-Server without an IP-Address (0.0.0.0). We use version 19 (SFV4C6 / 19.0.0-B317) as VM in Hyper-V.

We can only solve the problem by restarting the service with the following command:

  • service smtpd:stop -ds nosync
  • service smtpd:start -ds nosync

However, restarting the firewall does not solve the problem.

Does anyone have an explanation for this? Unfortunately, as is so often the case, Sophos-Support was unable to help us.

Thanks!



Edited TAGs
[edited by: emmosophos at 6:23 PM (GMT -7) on 23 May 2022]
Parents
  • Try to switch to Legacy Mode and back to MTA mode. This will create a firewall rule for SMTP scanning and this rule should attach an IP. 

    __________________________________________________________________________________________________________________

  • Hi Toni,

    which rule is specifically required for the MTA? The firewall rule is probably only required if the outbound SMTP-Traffic is to be checked transparently. I assume that the NAT-Rule is decisive. Can you confirm it?

  • Essentially MTA is only a module within the Product SFOS. If the MTA tries to send (estabilish) a connection, it is not aware of the Interface + the IP of the interface. 

    The firewall needs a firewall rule to attach this IP of the interface in a sense.

    So you can turn off MTA and turn it back on, it will generate a SMTP scanning rule. This rule is ANY - ANY - SMTP but it will be used for the MTA itself as well.

    You can specific the rule to exclude internal Clients to use this rule. For example you can only use one zone - SMTP, which is your management zone. It should still work, as long as this rule is existing. 

    __________________________________________________________________________________________________________________

Reply
  • Essentially MTA is only a module within the Product SFOS. If the MTA tries to send (estabilish) a connection, it is not aware of the Interface + the IP of the interface. 

    The firewall needs a firewall rule to attach this IP of the interface in a sense.

    So you can turn off MTA and turn it back on, it will generate a SMTP scanning rule. This rule is ANY - ANY - SMTP but it will be used for the MTA itself as well.

    You can specific the rule to exclude internal Clients to use this rule. For example you can only use one zone - SMTP, which is your management zone. It should still work, as long as this rule is existing. 

    __________________________________________________________________________________________________________________

Children
No Data