Sophos UTM and Exchange 2016 inbound email not working

I am trying to test out inbound email filtering. I have set it up in non-transparent mode; the routing has my two email domains set up, routed to a static host list to the internal Exchange server.

Having initially had issues, I set up a specific frontend receive connector on Exchange.

When mail comes in it gets delivered. I can see from the UTM mail queue that it says it's queued for delivery but never gets delivered to the Exchange server. I can see some emails turn up in the SMTP logs on the Exchange server, but they don't get delivered to the mailbox.

As soon as I redirect the WAN NAT to the Exchange server, mail flows properly again, so it's clearly an interaction between the UTM and Exchange.

  • At the moment it looks like it's doing something very weird. Despite having a defined send connector IP address, it seems to fail back to the default one, which fails it but doesn't give a good reason why. On the positive side, I can't see emails disappearing into a black hole now.

    I am in the process of building an edge server to sit in between and see if that will sort out the routing better.

  • Figured a way around this. I have put the Exchange edge role in between them and now it's working fine so far, blocking stuff it should be and delivering things it should be.

  • 9.375-005 just got released :-) Try that:


    Up2Date 9.375005 package description:

    Remarks:
    System will be rebooted
    Configuration will be upgraded
    Connected REDs will perform firmware upgrade
    Connected Wifi APs will perform firmware upgrade

    News:
    Update to 9.4 Beta 2

    Bugfixes:
    Fix [33322]: Duplicate Mails fetched while prefetching and Spamfilter is active
    Fix [35285]: repctl fails to start on slave node - can't use string ("reporting") as a HASH ref
    Fix [35446]: Problems with OpenVPN v2.3.0 and Win8 when client awake from sleep or hibernation mode
    Fix [35474]: AD group cache still contains obsolete group information after update_ad_bg_members.plx is executed
    Fix [35606]: French keyboard layout not detected in HTML5 portal RDP connections
    Fix [35785]: ctasd still segfaults after applying fix from 34581
    Fix [35809]: Group membership is not updated when prefetching backend users
    Fix [35814]: UTM doesn't respond to arp requests after HA gets disabled
    Fix [35824]: Successfully installed EP client is not visible in the EPP overview of the webadmin
    Fix [35969]: Sometimes logging is inconsistent if a user is connected via hotspot
    Fix [36025]: Cisco VPN remote access: XAUTH credentials and certificate can be from different users
    Fix [36079]: RED Management can't be enabled if the organisation name includes umlauts
    Fix [36159]: High CPU load from confd caused by overflow on RED devices
    Fix [36161]: HTTP Proxy: fix memory leak and log format for proceed page logging
    Fix [36190]: WAF - High swap usage caused by reverse proxy
    Fix [36218]: HTTP Proxy: segfault when configuration changes rapidly
    Fix [36225]: HTML5 portal RDP session to Windows 8.1 doesn't work
    Fix [36278]: Increase maximum number of access points (APs)
    Fix [36303]: USB deployed RED10 devices loose their static wan config
    Fix [36312]: RED15 responds to public DNS requests
    Fix [36345]: Confd error when configuring certificate for HTTP Proxy end-user pages
    Fix [36373]: WAF - Reverse authentication: AH01627: AuthType configured with no corresponding authorization directives
    Fix [36383]: glibc security update (CVE-2015-7547) [9.4]
    Fix [36385]: cssd doesn't reload for avira pattern updates with u2d-avira-xvdf

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician