Hello Sophos Community,
I am currently experiencing issues when accessing certain external imap servers through my Sophos XG.
I have several different imap accounts configured on my clients (7 accounts) but only 5 of them work through my Sophos without any problem.
When accessing two of them there's an error saying: SSL handshake timeout - all others work without any problem. All accounts work when using another network (e.g. mobile network or a friend's wifi) So this shouldn't be a configuration issue.
I have proxy, webfiltering and imap scanning enabled, so I created a FW rule allowing a test client to access any/any, put it on top, disabled webfiltering, created a webfilter exception (just to be sure) but there are still these handshake timeouts.
This is everything I get, when trying to check my mails: (unfortunately nothing else in the log files, so far)
Any advice would be appreciated
I am running a Sophos XG 18.0.1 MR-1
yes I am aware that these entries have nothng to do with email and I know what these "invalid traffic" messages mean in this case - but these are the only messages I receive and they're immediately…
I solved a similar issue by adding the IP address or hostname (TLS SNI) to the URL group included in the "Exclusions by website or category" default rule under SSL/TLS inspection rules.
The source is an internal server in a zone/nework not included in any of the other rules, but the exclusion was still necessary.
please review this thread regarding issues with iMAPS.
Thank you very much for your suggestion but I do not have SSL/TLS inspection enabled:
So basically this shouldn't be a problem.