This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Authenticated Relay

 Hello,

I would like to authorize authenticated relaying in XG.

I'm in MTA mode and I've created a user but when I tried with a SMTP client, it doesn't work.

It seems that the XG MTA don't ask/accept the AUTH command.

 

Regards,

Thibault



This thread was automatically locked due to age.
Parents
  • Hi tdutrieux ,

    SMTP auth would not work , you may need to configure LDAP, AD connections with your mail server.

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • Hi, 

    "Authenticated relay" on XG is not like on UTM.

    Authenticated Relay on UTM is based on the SMTP transmission, while XG works via Policy authentication, like User based Firewall / live user. 

    Cheers

    __________________________________________________________________________________________________________________

  • manbearpig said:

    Authenticated Relay on UTM is based on the SMTP transmission, while XG works via Policy authentication, like User based Firewall / live user. 

    Cheers

    How do you mean this? There is a Authenticated Relay setting where Users can be set to allow them to send mails via Authenticated Relay. Do you have Authenticated Relay working? How does this need to be configured?

    Please send me Spam gueselkuebel@sg-utm.also-solutions.ch

Reply
  • manbearpig said:

    Authenticated Relay on UTM is based on the SMTP transmission, while XG works via Policy authentication, like User based Firewall / live user. 

    Cheers

    How do you mean this? There is a Authenticated Relay setting where Users can be set to allow them to send mails via Authenticated Relay. Do you have Authenticated Relay working? How does this need to be configured?

    Please send me Spam gueselkuebel@sg-utm.also-solutions.ch

Children
  • In the meantime after 3 Weeks, I was able to get an valuable Answer from the support. I was told the following:

    1. Authenticated Relay as it's defined in SMTP Standard (tools.ietf.org/.../rfc4954) is currently NOT Supported on XG Firewall.
    2. Authenticated Relay on XG means, the User has to authenticate via STAS or SATC BEFORE he sends the Mail.
    3. Authenticated Relay as everybody in the world uses it (RFC4954) is going to be Implemented on SFOSv18.

    This is really awkward. I do have very few understanding for having implemented this not according the existing Standards. I have even less understanding for sophos not having documented it on a Public available KB.

    Please send me Spam gueselkuebel@sg-utm.also-solutions.ch

  • Where did you get the information from that it would be implementen in SFOSv18? I am really looking forward for this, but did not see it yet in the v18 manual.

  • I've just checked, SMTP AUTH is still not implemented in v18 MR1.  There is a feature request of sorts at Sophos Ideas, basically rejected by the Product Manager.  I've just commented on it, because the argument is somewhat dubious.