Thread Info
  • State Not Answered
  • Replies 5 replies
  • Subscribers 5 subscribers
  • Views 2742 views
  • Users 0 members are here
Options
Suggested

Scan email content: "Common ports missing from Services"

shred

I'm not sure if this is expected behavior but it seems a bit odd to me. If I create a firewall rule with the 'Services' to to 'Any' and subsequently select some options under 'Scan email content' such as 'Scan POP3' (this applies to any of the options), there's a small text dialog that says "Common ports missing from Services for POP3". If I click 'Add Ports', it will add 'POP3' to 'Services' thus removing 'Any'.

It would seem if I already have services set to 'Any', I shouldn't be getting the small text dialog prompting me to add POP3 ports.

Parents Reply Children
  • 0 in reply to rfcat_vk

    I agree with Ian.

    This is the expected behaviour. I really like the option that if the user is not an expert, a message will be shown to add the proper ports in the services.

    I guess that after the v18 official release, a proper KB on "how to scan IMAP/POP/SMPT" will be created. At the moment, the only KB available works for v16+.

    https://community.sophos.com/kb/en-us/123274

    In v18, the email client scanning firewall rule has been changed.

  • 0 in reply to lferrara

    I really like this version of the firewall. And I like the option, but sometimes even an expert (no matter how perfect you are) can be in a hurry and a simple mistake can bring a network to a halt. Having the firewall show that message is great and I don't want that to change. But in my opinion, I think that any should be seen as valid.

    I did some testing and it seems to only be the Any service/port that it overwrites and ignores as being a valid service/port. If I have http and https, then it adds the new ports without overwriting the existing services/ports. If some of the ports are already there, then it only adds the ones that are missing.

     

    Is it really difficult to say any is valid for the email ports?

     

    Regards,

    William

  • 0 in reply to TorvaFirmus

    I agree with that.

    As improvement, when the email scanning checkbox are selected, the UI should remove everything from the services and leave only "SMTP/S, POP3/S and so on".

    Can someone from Sophos take a look at this thread and report the improvement?

    Thanks

Unfiltered HTML