
Sophos SMTP Relay issues - Exchange

Hi guys, 

Me, back with another thread.

My small lab is growing steadily recently with Sophos taking the lead.

I use the Sophos as SMTP Relay for Exchange 2010.

The Sophos is setup:
Routing > Allowed domain
Routing by static host > Exchange
Hostbased Relay > Exchange 
Authenticated relay > Username (defined in sophos)
SMTP hostname > Sophos FQDN
Dataprotection, Antispam and Antivirus tweaked as needed.

The Exchange:
Hub transport > Custom
Route Mail > *
Smart Host > IP.SO.PH.OS
Basic TLS Auth > Username (defined in sophos)

I've been able to route emails with the current setup until I recently updated the certificate on the Exchange.

Now from the Sophos SMTP live logs I am getting:
2014:08:09-01:10:15 remote exim-in[5175]: 2014-08-09 01:10:15 exim 4.76 daemon started: pid=5175, no queue runs, listening for SMTP on port 25 (IPv4) port 587 (IPv4) and for SMTPS on port 465 (IPv4)
2014:08:09-01:10:47 remote exim-in[5175]: 2014-08-09 01:10:47 SMTP connection from [192.168.0.30]:18030 (TCP/IP connection count = 1)
2014:08:09-01:10:47 remote exim-in[11483]: 2014-08-09 01:10:47 SMTP connection from [192.168.0.30]:18030 closed by QUIT

And from the Exchange logs, for the queued emails I am getting:
The last attempt to send the message was at 8/9/2014 12:57:29 AM (UTC+10:00) Canberra, Melbourne, Sydney and generated the error '451 4.4.0 Primary target IP address responded with: "454 4.7.5 Certificate validation failure." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.'.

Resetting Sophos/Exchange didn't help. Exchange works fine without relay and/or without TLS authentication.

Why did the Sophos break? I never installed/accepted an SSL cert on the Sophos....


  • Just created new certificate on the sophos using the FQDN: remote.innercomms.com
    The same FQDN is used as the SMTP hostname
    The same FQDN is used as the Exchange Smarthost.

    On the Sophos, Exchange has been removed from the Skip TLS List.
    I can relay messages from Exchange to Sophos successfully if the "Negotiate TLS authentication" is switched off for the Exchange send connector.

    As soon as I switch on "Negotiate TLS authentication" on the Exchange send connector, the messages are being queued, but now with a different error message!

    2014-08-11T11:14:59.437Z,SophosRelay,08D182A1B8491BB8,0,,192.168.0.1:25,*,,attempting to connect
    2014-08-11T11:14:59.445Z,SophosRelay,08D182A1B8491BB8,1,192.168.0.30:7856,192.168.0.1:25,+,,
    2014-08-11T11:14:59.495Z,SophosRelay,08D182A1B8491BB8,2,192.168.0.30:7856,192.168.0.1:25,,EHLO exchange.innercomms.com,
    2014-08-11T11:14:59.505Z,SophosRelay,08D182A1B8491BB8,4,192.168.0.30:7856,192.168.0.1:25,,STARTTLS,
    2014-08-11T11:14:59.535Z,SophosRelay,08D182A1B8491BB8,11,192.168.0.30:7856,192.168.0.1:25,11T11:14:59.591Z,SophosRelay,08D182A1B8491BB8,14,192.168.0.30:7856,192.168.0.1:25,*,UntrustedRoot,Chain validation status
    2014-08-11T11:14:59.593Z,SophosRelay,08D182A1B8491BB8,15,192.168.0.30:7856,192.168.0.1:25,>,QUIT,
    2014-08-11T11:14:59.606Z,SophosRelay,08D182A1B8491BB8,16,192.168.0.30:7856,192.168.0.1:25,
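The two symptoms in this thread, the "454 4.7.5 Certificate validation failure" queued in the first post and the "UntrustedRoot, Chain validation status" line in the reply, are the same failure seen from two sides: the send connector sends STARTTLS, cannot build a chain from the relay's certificate to a root it trusts, and sends QUIT. The script below is an added example written for this thread, not code from Sophos or Microsoft. It parses send-connector protocol log lines in the comma-separated layout shown in the reply, flags sessions where STARTTLS was followed by a chain status other than success, and maps the status name to what a defender should fix; a second function repeats the EHLO/STARTTLS/verify sequence against a relay so the fix can be confirmed from the Exchange side. The sample log lines are constructed by hand from the reply's excerpt (the extraction ran two lines together and lost the event column, and a healthy session is invented as a negative case); the success marker `NoError`, the `CHAIN_STATUS_HINTS` table, the `ehlo_name` default and the CA-bundle path are assumptions, not values from the thread.

```python
"""Detect failed STARTTLS chain validation in Exchange send-connector protocol logs.

Added example for this thread; the log layout is the CSV protocol log shown in the
reply, the sample rows are constructed, and "NoError" as the success marker is an
assumption (the .NET X509ChainStatusFlags name), not something taken from the thread.
"""
import csv
import smtplib
import ssl
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Column order of an Exchange send-connector protocol log.
FIELDS = ["date-time", "connector-id", "session-id", "sequence-number",
          "local-endpoint", "remote-endpoint", "event", "data", "context"]

# Constructed sample: session ...BB8 mirrors the reply (UntrustedRoot, then QUIT);
# session ...BB9 is an invented healthy session so the detector has a negative case.
SAMPLE_LOG = """\
2014-08-11T11:14:59.437Z,SophosRelay,08D182A1B8491BB8,0,,192.168.0.1:25,*,,attempting to connect
2014-08-11T11:14:59.445Z,SophosRelay,08D182A1B8491BB8,1,192.168.0.30:7856,192.168.0.1:25,+,,
2014-08-11T11:14:59.495Z,SophosRelay,08D182A1B8491BB8,2,192.168.0.30:7856,192.168.0.1:25,>,EHLO exchange.innercomms.com,
2014-08-11T11:14:59.505Z,SophosRelay,08D182A1B8491BB8,4,192.168.0.30:7856,192.168.0.1:25,>,STARTTLS,
2014-08-11T11:14:59.591Z,SophosRelay,08D182A1B8491BB8,14,192.168.0.30:7856,192.168.0.1:25,*,UntrustedRoot,Chain validation status
2014-08-11T11:14:59.593Z,SophosRelay,08D182A1B8491BB8,15,192.168.0.30:7856,192.168.0.1:25,>,QUIT,
2014-08-11T11:14:59.606Z,SophosRelay,08D182A1B8491BB8,16,192.168.0.30:7856,192.168.0.1:25,-,,Local
2014-08-11T11:20:00.000Z,SophosRelay,08D182A1B8491BB9,0,,192.168.0.1:25,*,,attempting to connect
2014-08-11T11:20:00.010Z,SophosRelay,08D182A1B8491BB9,1,192.168.0.30:7901,192.168.0.1:25,+,,
2014-08-11T11:20:00.020Z,SophosRelay,08D182A1B8491BB9,4,192.168.0.30:7901,192.168.0.1:25,>,STARTTLS,
2014-08-11T11:20:00.100Z,SophosRelay,08D182A1B8491BB9,14,192.168.0.30:7901,192.168.0.1:25,*,NoError,Chain validation status
"""

# What each chain status means for the sending server or the relay (assumed hints,
# keyed by the X509ChainStatusFlags names Exchange writes into the data column).
CHAIN_STATUS_HINTS = {
    "NoError": "chain built to a trusted root; TLS proceeds",
    "UntrustedRoot": "the relay's certificate or its issuing CA is not in the Exchange "
                     "server's trusted root store; import that CA (or the self-signed "
                     "cert) there, or issue the relay a cert from a CA Exchange trusts",
    "PartialChain": "an intermediate CA is missing; install the full chain on the relay",
    "NotTimeValid": "certificate expired or not yet valid; check clocks and renew",
}


@dataclass
class Session:
    session_id: str
    remote: str = ""
    starttls_sent: bool = False
    chain_status: Optional[str] = None  # data column of the "Chain validation status" row
    quit_sent: bool = False


def parse_sessions(log_text: str) -> List[Session]:
    """Group rows by session-id and record the TLS-relevant events of each session."""
    sessions = {}
    for row in csv.reader(log_text.splitlines()):
        if len(row) < len(FIELDS):
            row = row + [""] * (len(FIELDS) - len(row))  # tolerate short rows
        rec = dict(zip(FIELDS, row))
        sess = sessions.setdefault(rec["session-id"],
                                   Session(rec["session-id"], rec["remote-endpoint"]))
        if rec["event"] == ">" and rec["data"].upper() == "STARTTLS":
            sess.starttls_sent = True
        elif rec["event"] == "*" and rec["context"] == "Chain validation status":
            sess.chain_status = rec["data"]
        elif rec["event"] == ">" and rec["data"].upper() == "QUIT":
            sess.quit_sent = True
    return list(sessions.values())


def find_tls_failures(log_text: str, ok_status: str = "NoError") -> List[Tuple[str, str, str]]:
    """Sessions that sent STARTTLS and then logged a chain status other than ok_status."""
    return [(s.session_id, s.remote, s.chain_status)
            for s in parse_sessions(log_text)
            if s.starttls_sent and s.chain_status not in (None, ok_status)]


def explain(status: str) -> str:
    return CHAIN_STATUS_HINTS.get(status, f"unrecognised chain status {status!r}")


def check_smarthost_tls(host: str, port: int = 25, cafile: Optional[str] = None,
                        ehlo_name: str = "exchange.example.test") -> Tuple[bool, str]:
    """Repeat what the send connector does: EHLO, STARTTLS, verify chain and hostname.

    cafile is a PEM bundle holding the CA (or the relay's self-signed certificate);
    None means the system trust store.  Network access is needed; not run on import.
    """
    ctx = ssl.create_default_context(cafile=cafile)  # CERT_REQUIRED + hostname check
    try:
        with smtplib.SMTP(host, port, timeout=10) as smtp:
            smtp.ehlo(ehlo_name)
            smtp.starttls(context=ctx)
            subject = smtp.sock.getpeercert().get("subject", ())
            return True, f"verified chain, subject {subject}"
    except ssl.SSLCertVerificationError as exc:
        return False, f"chain validation failure: {exc.verify_message}"


if __name__ == "__main__":
    for sid, remote, status in find_tls_failures(SAMPLE_LOG):
        print(f"session {sid} to {remote}: {status} -> {explain(status)}")
```

Run as is, the script reports session 08D182A1B8491BB8 to 192.168.0.1:25 as UntrustedRoot with the import-the-CA hint, and says nothing about the healthy session. To confirm a fix, point `check_smarthost_tls("remote.innercomms.com", cafile="/path/to/relay-ca.pem")` (path is a placeholder) at the relay from the Exchange server's network position; it returns `(True, ...)` only when the same chain and hostname checks the connector performs succeed, so the hostname in `SMTP hostname` and the smart host name must match the certificate.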