Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos XG Bug: Cannot send Backups using Amazon SES

Hi Folks,

Sophos XG appears to have a bug where it doesn't interact with some SMTP servers properly.

In this case Amazon SES (Simple Email Services) cannot be used with Sophos XG for sending Backups. Other notifications work fine but backups generate the following SMTP error: 

2024-03-30 22:57:43.705Z [1390] rTNXBs-m6OVmh-6I ** rhys@myemail.xyz F=<fwxg01@mydomain.com> P=<fwxg01@mydomain.com> R=router_for_notifications T=notification_smtp H=email-smtp.ap-southeast-2.amazonaws.com [3.24.9.22]:587 I=[123.124.125.126]:50972 X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=yes DN="/CN=email-smtp.ap-southeast-2.amazonaws.com": SMTP error from remote mail server after end of data: 554 Transaction failed: In parameter list <0x000d0x000a name="Backup_[Serial]_SO01_SFOS-20.0.0-GA-Build222_31Mar2024_11.57.24">, expected ';', got "name" DT=1.168s

It appears that there is something malformed in the backup emails which is non-compliant with the SMTP protocol which AWS enforces rigorously. 

I am running the free home license so cannot log a support call. This issue has been raised elsewhere in the forum, but we don't yet have a fix The value that the free license brings to the wider Sophos ecosystem is that tech enthusiasts like me, can spend our own time troubleshooting and diagnosing issues and then report them here in the forum. I know the Sophos team values the wider Sophos community so I do hope they will take the opportunity to improve the product for all and resolve this issue.

Kind Regards

Rhys



Added TAGs
[edited by: Erick Jan at 4:32 AM (GMT -7) on 3 Apr 2024]
Parents
  • Hello  ,

    Thank you for reaching out to the community, SMTP error 554 indicates that the mail server did not accept the email. Several reasons typically cause this error: Invalid Recipient Address - There are invalid recipient email addresses; in rare cases, the recipient email address may have been suspended or disabled. It could also be BAD DNS record, blocklist, policy violation..etc. So verify the email address, SPF, DKIM or DMARC records, blacklist, syntax...

    Please double check with the syntax, for further troubleshooting you can also a log a service request.

    We have locked an investigation at: NC-133157.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • Hi Vivek, thanks very much for your response.

    In this case it appears that the message for backups being created by Sophos XG is not confirming to an acceptable level. The problem only occurs when sending backup files. Using the same SMTP server configuration and the same target email address, notifications and the test notification email is working correctly, so this is specific to backups.

    I'm not allowed to log a support request as I'm a home user. However, as more people deploy Sophos XG to the AWS cloud, it will be important to solve this issue because people will want to use the AWS SES service for email.

    Is there any way you could log a support case on behalf of this thread?

    Kind regards,

    Rhys

Reply
  • Hi Vivek, thanks very much for your response.

    In this case it appears that the message for backups being created by Sophos XG is not confirming to an acceptable level. The problem only occurs when sending backup files. Using the same SMTP server configuration and the same target email address, notifications and the test notification email is working correctly, so this is specific to backups.

    I'm not allowed to log a support request as I'm a home user. However, as more people deploy Sophos XG to the AWS cloud, it will be important to solve this issue because people will want to use the AWS SES service for email.

    Is there any way you could log a support case on behalf of this thread?

    Kind regards,

    Rhys

Children