This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MS exchange delivery reports get caught by SG125 as BATV REJECTED

Hi everyone

One of our costumers has an SG125 sophos, everything works brilliant. But from since a few days we cannot receive delivery reports to any emails we send.

I was checking the mail quarantine and the SMTP log tab states that the "delivered" notification messages are getting Rejected: BATV.

I'm in the 9.411-3 firmware now.

How can I overcome this issue?

Thanks in advance.



This thread was automatically locked due to age.
  • Not sure I completely understand the scenario or where the reports originate from, but there is a couple of "rule of thumb" in regard to batv and smtp proxy:

     

    As far as I recall, if BATV is set to ON but Transparent Mode is OFF, any autorespond messages will get: "Rejected: BATV (Missing, invalid or expired BATV signature)"

    Don't think you can overcome this unless you configure antispam exceptions for emails originating from the mail server generating the reports, which is almost impossible if they are originating from customers email servers.

    It's default for most email servers to replace the users email with <null> when talking about out of office and delivery report including NDR's, meaning the message cannot be signed.

     

    So either this is caused by a change in the email server configuration for delivery reports ( the null thing ) or someone made a change to the smtp proxy making it intercept all internal emails instead of just those outgoing from your mailserver.

     

    That's the best I can think of at the moment.

  • Hi, Nuno, and welcome to the UTM Community!

    There is a situation where I recommend deselecting 'Use BATV' on the 'Antispam' tab:

    • Incoming mail is received by the SMTP Proxy.
    • Outgoing mail is not sent through the SMTP Proxy.  This is often the case with externally-hosted email.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • HI paul jensen

    Indeed we have transparent mode OFF.

    I have turned batv OFF also and up to now all delivery reports arrive fine.

     

    Thank you very much for the tip.

    Best regards and good job to everyone.