Helo world,
I am trying to use the Email Protection of a Sophos UTM as a replacement for an aging Barracuda Spam Firewall on which the license will go dark on Jan. 30 and will not be renewed. Sophos Email Protection is my first choice as the company desires migrating to all Sophos UTM hardware in the near future and is working with a Partner. My backup solution is a VM from mailcleaner.org but I really want the Sophos UTM to work. I would love to open a support ticket, but alas I am only using a trail version until...I can prove it actually works so I can get the PO approved for the Sophos hardware.
In my testing it is working except for one important thing. When setting up the SMTP Proxy, I of course wish to use the Recipient Verification With Callout to prevent the huge amount of spam sent to invalid recipients from ever being sent to the destination mail server as this is one of the main reasons to use an SMTP Proxy (a.k.a. Spam Firewall), but it is not working as expected. The Sophos UTM and the destination mail server are both on public static IPs resolvable with reverse DNS, and there is currently no way to move the hosted cPanel that runs the destination mail server behind the Sophos UTM. I am not sure if this is part of my problem or not since mail is flowing. UTM Version I am using is latest 9.306-6 and cPanel Exim is 4.82
The User Guide States:
Recipient Verification
Verify Recipients: Here you can specify whether and how email recipients are to be verified.
With Callout: A request is sent to the server to verify the recipient.
User Guide never states which server but the assumption is that it would get verification from the actual destination mail server as the sending server and the UTM would have no knowledge of if a recipient is valid or not.
Can someone please clarify if my assumption is correct and if so, I can confirm that is not what actually seems to be happening. Instead, the Live Log would seem to indicate that the verification is done by the sending server and it succeeds and then proceeds to Greylisting and then delivers the email to the work queue and sends it to the destination server even if the user does not exist. This makes no sense. How can an address that does not exist on the destination mail server get verified and from whom???
Additionally, a tail of the Exim mainlog on the destination server shows no evidence of ever being asked to perform a recipient verification and only shows the mail being received after it leaves the UTM. For non-existent mail accounts, the destination mail server log shows "Unrouteable address" and bounces a permanent error message to sender which sender receives. For mail accounts that exist, the message is delivered as expected.
I will post some of the logs in a moment, but I sure would appreciate some help. Thanks!
This thread was automatically locked due to age.