I noticed under smtp proxy logs, that sophos (UTM9) perpetually try to connect to my mail adress given on fresh wizard install (propably to send notifications). Im not able to stop it or change this email adress to another. Sophos did it (with no avail) so often that i got my IP blocked by remote mail server!
SMTP proxy log:
sophos exim-out[9705]: 2021-06-02 19:01:00 1loS7o-0006Fb-6B H=mx.wp.pl [212.77.101.4]:25: SMTP error from remote mail server after initial connection: 550 [IP:A.B.C.D] mail from your IP address is administratively disabled.
Settings:
Menu->Email Protection -> SMTP -> status OFF
Menu->Management->Notifications->Global->Notification recipient -> EMPTY field (nothing is there) /Advanced TAB there also turned OFF
Menu->System Settings->Administration email address ->changed to another email address (didnt help)
Menu->Email Protection-> Mail manager -> all SMTP SPOOL cleared/deleted
Shell-> nslookup works properly and resolve all adressess.
Sophos restarted - didnt help.
Question is:
How to stop connections by sophos to this one particular MX server (my mail given at startup install) OR how to change it to another email address? i cant find any other settings to change notification mail, or stop all this spam nightmare to remote smtp server.
sophos exim-out[11227]: 2021-06-02 19:19:00 1loS7o-0006Fb-6B == myemail@wp.pl R=dnslookup T=remote_smtp defer (-53): retry time not reached for any host for 'wp.pl'
At present, i even cant find any mention of "myemail@wp.pl" in any file conf on sophos (grep /etc/*), but it somehow knows it and try to connect there all the time.
This thread was automatically locked due to age.
