Outgoing Server

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search

Outgoing Server

The NG Firewall server sends emails for several reasons:

  • The Quarantine facility sends users a daily digest of the spams they received.
  • The Quarantine allows users to "release" emails from the quarantine.
  • The Reports sends daily summary reports to administrators about NG Firewall server activity.

For these functions to work correctly, NG Firewall must be configured correctly to be able to send email in your environment.

Outgoing Email Server

This configures how NG Firewall will send email.

If Send email directly is checked then NG Firewall will send email like a regular email server. It does this by looking up the MX DNS record of the recipient domain and sends the message via SMTP to that address. This generally works with no further configuration, however many residential and even commercial ISPs block port 25 to prevent spam and this will prevent NG Firewall from sending email.

If Send email using the specified SMTP Server is checked then NG Firewall will send email using the configured server as an SMTP relay. In order for this to work the SMTP relay must be configured to allow NG Firewall to relay email.

  • Server Address or Hostname is the IP address or hostname of the SMTP relay.
  • Server Port is the port to use to connect to the SMTP relay.
  • If Use Authentication is checked then NG Firewall with authenticate with the SMTP relay.
    • Login configures the username to use during SMTP authentication.
    • Password configure the password to use during SMTP authentication.

Email from Address

This is the "from" address of all email sent from the NG Firewall server (excluding emails released from the quarantine).

Email Test

This sends a test email from the configured Email from Address. If your email settings are correct the specified recipient should receive the test email within a few minutes.

Email FAQ

The test email works to certain addresses but not others. Why?

If configured to send email directly, this likely means NG Firewall can only reach some email servers. Usually this is due to ISP blocking port 25. If configured to send email with an SMTP relay, this likely means that your SMTP relay is not configured to allow NG Firewall to relay to all addresses. The SMTP relay must allow NG Firewall to relay email to all addresses.

The test email never arrives. Why?

This indicates that the email settings are not correct. When a test email is sent an email is queued to be sent using the exim mail daemon on the NG Firewall server. Exim is configured based upon the configured Outgoing Email Server. The exim log is viewable via the terminal (and/or SSH) in /var/log/exim4/mainlog. Usually you will see error message that explain why the email is unable to be sent.

Please be aware that viewing logs on the NG Firewall server requires some Linux ability, and also requires some ability to google for exim errors and read exim documentation. If you are not comfortable with these steps contact support at support@untangle.com for help.

How Do I Use My Google Account?

Most Google authentication requires some kind of multi-factor authentication, but there is support to legacy applications like email using a special password.

To create this password:

  1. Log into Google.
  2. Go to https://security.google.com/settings/security/apppasswords.
  3. Specify a name like ngfw-email.
  4. Click Create.
  5. In the pop up window, copy the app password.
  6. Go to the NGFW.
  7. Navigate to Config, Email, Outgoing Server.
  8. Click Send email using the specified SMTP server.
  9. Specify the values as:
    1. Server Address or Hostname: smtp.gmail.com
    2. Server Port: 587
    3. User Authentication: [X]
    4. Login: your google account
    5. Password: the password you created
  10. Click Save.
  11. Click Email Test and send a message to yourself, verifying it works.