
SMTP auth; who, how, why and when?

Hello,

Using Exchange 2010

2x Rx connectors

  • internal network
  • gateway, anonymous permissions only.

All users use Outlook, some users work from home, most users have email on their phones. Occasionally I use OWA from the outside world.

UTM SGxxx, configured for SMTP proxy, no ISP smart host

There is one website with a user enquiry form.

I have no test environment so I am loath to poke around too much. 

Questions:

Does Exchange need the UTM nominated as a smart host, and why?

Does the UTM need to accept SMTP auth from the internet for the Outlook services described above?

  • If no, how do I turn it off (this question arises due to around 7 regular "Too many failed logins from xxx for facility smtp, blocked for 24hrs") but still allow the website enquiry form to pass?

Cheers

 



  • We have a disagreement with Bob about using Standard mode or Transparent mode. But consider my recommendation below if Exchange Server is the only one who will send emails to the outside world, and if you said that you want the best from UTM and make it a real smarthost.

    1 Check Transparent Mode

    2 In relaying tab, put only exchange IP

    3 Delete or Disable any firewall rule about SMTP

    4 Delete any DNAT rules about SMTP

    Don't confuse SMTP rules with OWA access (HTTPS 443 with SMTP 25).

    You can still leave the rules active, but they are useless while "Transparent Mode" is enabled, and they will confuse you, not UTM.

    To regulate traffic for one specific host-ip (like scanner or printer) with firewall rules, you have to exclude it from Transparent Mode.

    There you have the option to blacklist a specific host; no need to make a firewall rule to drop SMTP traffic for that specific host.

    That's it :)

  • Olsi, when you have the Proxy in Transparent mode, is it possible for an internal workstation to send email to an external server if 25/465/587 are blocked by the firewall?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • If the internal host is in the "Allowed Relayed List", yes.

    You have to exclude it from "Transparent" to make it subject to firewall rules.

    It is like Country Blocking or Web Proxy, Bob. Firewall rules are the last in the hierarchy.
