This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sophos cant stop sending mail to remote server

I noticed under smtp proxy logs, that sophos (UTM9) perpetually try to connect to my mail adress given on fresh wizard install (propably to send notifications). Im not able to stop it or change this email adress to another. Sophos did it (with no avail) so often that i got my IP blocked by remote mail server!

SMTP proxy log:

sophos exim-out[9705]: 2021-06-02 19:01:00 1loS7o-0006Fb-6B H=mx.wp.pl [212.77.101.4]:25: SMTP error from remote mail server after initial connection: 550 [IP:A.B.C.D] mail from your IP address is administratively disabled.

Settings:

Menu->Email Protection -> SMTP -> status OFF

Menu->Management->Notifications->Global->Notification recipient -> EMPTY field (nothing is there)    /Advanced TAB there also turned OFF

Menu->System Settings->Administration email address ->changed to another email address (didnt help)

Menu->Email Protection-> Mail manager -> all SMTP SPOOL cleared/deleted

Shell-> nslookup works properly and resolve all adressess.

Sophos restarted - didnt help.

Question is:

How to stop connections by sophos to this one particular MX server (my mail given at startup install) OR how to change it to another email address? i cant find any other settings to change notification mail, or stop all this spam nightmare to remote smtp server.

sophos exim-out[11227]: 2021-06-02 19:19:00 1loS7o-0006Fb-6B == myemail@wp.pl R=dnslookup T=remote_smtp defer (-53): retry time not reached for any host for 'wp.pl'

At  present, i even cant find any mention of "myemail@wp.pl" in any file conf on sophos (grep /etc/*), but it somehow knows it and try to connect there all the time.



This thread was automatically locked due to age.
Parents
  • Cześć,

    Potentially in several places:

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • THX for reply.

    I knew 2 upper settings options and I  wasnt aware third. BUT it regards to weekly reporting so it shouldnt have anything to do with almost every minute connections to MX  wp.pl. Also i turned off every computer in my network which could use sophos as smtp proxy..

    Until today I have no explain to this very strange behavior. In my opinion there was/is somewhere a bug in soft which set wizard mail as permanent or something wrong with looping invisible for user deffered mail queue? Without help here I had to reinstall sophos again (fortunatelly its for home use) and now it works as intended.

  • Congratulations - good news!  I would also run malware scans on your internal devices.

    Please let us know your results.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Congratulations - good news!  I would also run malware scans on your internal devices.

    Please let us know your results.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children