Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't get email notifications to work.

Anyone who can help me figure out why my email notifications won't work?

I'm using the same email config that I use on other servers and they work just fine.

I'm using Microsoft hosted Exchange, and I am using :-

Mail Server : smtp.office365.com Port : 587

Username my usual

Password my usual

Connection/Security (I've tried all options!)

Certificate - I've tried Appliance Certificate and None

I get an error saying failed to connect to mail server. Do I need to create a rule or something? I have the Webfilter off and I have the Application filter set to Allow All, but I also set that to None too just in case.



This thread was automatically locked due to age.
  • Hi psykix,

    Can we make sure that the XG firewall is accepted/allowed to send email on the Exchange side? The XG host may not be permitted to send emails; I believe it is a security feature on the Exchange side.
  • My email is working fine from Outlook and also Apple Mail. The Exchange server is hosted, not behind the XG Firewall. I do have servers behind the Sophos firewall which are sending email notifications just fine. However I cannot get the Sophos XG notifications to work at all!
  • I'm getting a similar error and opened a support ticket. I found two problems:

    1. Firstly the DNS server I was using couldn't resolve smtp.office365.com so I did an nslookup and just used the IP, that allowed me to connect. I switched the XGs primary DNS to 8.8.8.8 and now all of a sudden it seems it can resolve the FQDN (weird). But I could now connect to office 365 via port 587 with authentication using STARTTLS
    2. Secondly, a new problem arose is that the sending would fail because of the following error "Authentication method mismatch. Please confirm the authentication method support for LOGIN or PLAIN on the mail server".

    I tried anything and everything available to me to try and get around this problem both on Office 365 and on the XG. I cannot seem to enable PLAIN method on Office 365 but all evidence points to that the LOGIN method is supported. I found in a Cyberoam thread that they had to physically change the authentication method in a Cyberoam product found here: https://www.redmine.org/boards/2/topics/38755

    I believe that the method being used by Sophos for this Notifications section is PLAIN only and the error message does not match what is actually occurring. I am awaiting response from Support to see what's happening under the hood here. As soon as I know an answer I'll update my comment on this thread.

  • Was there ever a resolution to this? I am having the same issue.
  • Hi, unfortunately not but my case has been escalated within Support.

    To get round this, I made a receive connector on Office 365 from our external IP in Mail Flow > Connectors and I had to turn off verifying the subject name because it requests the TLS which the XG can't work with and just having the single IP that is sending the email.
  • Your workaround seems unsecure. Is it? Did support ever get back with you?

  • My fix was to change from 587 because something happened in v16 that stops 587. 587 was not an issue in v15, so some unidentified change/fix has removed the 587 port from the mail proxy list.

    XG115W - v20.0.3 MR-3 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.