Microsoft Exchange and Active Directory Blog
In my private environment with a Sophos UTM 9.508-10, I have always had the problem that the recipient verification of Email Protection via Active Directory did not work. In the live log of Email Protection, the following warning was always displayed: Warning: ACL "warn" statement skipped: condition test deferred: failed to bind the LDAP connection ... Read more
Sophos recently released an update for UTM 9.5. With this update, the email protection algorithms have also been adapted with regard to the signing of emails using S/MIME: S/MIME Encryption updates: This release brings changes to the S/MIME feature to fully conform with new GDPR regulatory requirements for encryption. Core to these changes are new algorithms ... Read more
Today Sophos released an update for the UTM 9. The update updates the UTM to version 9.508-10. The update is just under 170 MB in size and is intended to fix these problems: [NUTM-8739]: [Access & Identity] Argos segfault and coredump after update to v9.502 [NUTM-9164]: [Access & Identity] SSLVPN installation packages fail to copy user profile during ... Read more
DKIM, also known as DomainKeys, is a procedure for determining the authenticity of emails. The basic functionality is explained quite simply: The sending mail server calculates a hash value for each mail it sends and appends this hash to each mail in the e-mail header. The receiving mail server can evaluate the signature and also determine the ... Read more
Sophos has today released another update for Sophos UTM to fix the WAP2 vulnerability (KRACK): [NUTM-8984]: [RED] WPA2 KRACK vulnerability fixes for RED15w [NUTM-8789]: [Wireless] WPA2 KRACK vulnerability fixes The update has the version number 9.505-4 and can be downloaded and installed directly from the following link: u2d-sys-9.504001-505004.tgz.gpg Since there have been ... Read more
Sophos has released an update for the Shophos UTM. The update fixes the following issues: [NUTM-8851]: [Basesystem] System doesn't boot if Posgtresql database cannot start [NUTM-7240]: [RED] RED 50 loosing ARP entries of internal machines [NUTM-8782]: [RED] RED10, RED15, RED50: Update OpenSSL and TCPdump to most current Version [NUTM-8858]: [RED] DNSMasq vulnerabilities If the update ... Read more
Sophos has today released an update with the version number 9.503-3 for Sophos UTM. The update is intended to fix a total of 33 problems. Unfortunately, Sophos has not been so lucky with updates for the UTM in the past, so the last update fixed some problems, but also caused new ones. Unfortunately, this makes extensive testing ... Read more
As Michel reported on networkguy.de, the HTTP proxy of the UTM has been crashing at irregular intervals since today. A corresponding mail lands in the inbox: Http proxy not running - restarted The problem is due to a faulty pattern update for the UTM which was rolled out by Sophos. In the meantime, a corrected pattern has been published (u2d-appctrl43-9.42). Here is the corresponding ... Read more
I'm currently working on my private PRTG installation and stumbled across the PRTG IPFIX sensor by chance. IPFIX is a further development of Cisco Netflow and is also used to collect and visualize traffic data within a network. Since the Sophos UTM also supports IPFIX, PRTG can use the IPFIX data ... Read more
In the last article, I had already announced that I would also like to use PRTG to monitor the web server protection of the Sophos UTM. Unfortunately, PRTG only offers generic sensors for the UTM, which makes monitoring a little more difficult. I've made some progress with the Sophos RESTful API, but unfortunately RESTful ... Read more
