SEP - Internet Email Auto Protect Issue
Created: 06 Aug 2010 | 12 comments
We have a 3rd party program that is used to make an SMTP connection with a username and a password to our internal mail server. While Internet Email Auto-Protect is enabled, the application is not allowed to do this process. The connection is blocked. When I disable Internet Email Auto-Protect, everything works fine with the exception of SEP states that it has been completely disabled.
I prefer to leave Internet Email Auto-Protect on. Does anyone have any suggestions?
Discussion Filed Under:
Comments 12 Comments • Jump to latest comment
Which is SMTP program you use, If you can give us a name we can try to find if there is any conflict or not?
Prachand MCSE-2012 Symantec Technical Specialist (SCTS)
The application is called Suunto. It only makes outbound connections to our mail server (read: send only, no receive).
What is the Suunto product name and version number? Is the client firewall set up to allow traffic for the Suunto product?
Ooyala Community Manager - Take our Video Poll
Sorry Suunto Fitness Solution 1.1.1.4. And why would the client firewall come into play when the application works fine if Internet Email Auto Protect is disabled? Does disabling Internet Email Auto Protect automatically remove block entries from the Symantec Client Firewall for SMTP, POP, and other types of mail traffic? While the firewall is installed, I have no policy configuration settings configured.
Using Username/Password authentication over TSL/SSL?
In general settings, outgoing ports are configures to use port 25 (SMTP).
Do you have an exception to allow port 465 or 587?
I have seen other discussions where you need to configure one of these ports; 465 or 587- in order to get authentication to work.
Good point, something in the Internet Email Auto protect feature is seeing outgoing traffic as a threat.
Try disabling Outbound worm heuristics, and test if the issue goes away.
http://seer.entsupport.symantec.com/docs/331120.htm
Ooyala Community Manager - Take our Video Poll
Yeah I already tried that. I thought for sure that would fix it but no luck. The connection being made is just a simple SMTP connection. Since it happens inside of our own network, meaning there is no traversal of the internet until AFTER our mail server, there is no need for a secure connection. It's very bizzare. Any other suggestions are welcome.
Hi Khue,
Are there any entries created in the SEP Risk History, or any pop-ups on screen when the connection is blocked-? SEP generally let sit be known when actions like this are taken.
Thanks and best regards,
Mick
With thanks and best regards,
Mick
in SEPM go to Monitors-->logs-->risks and check any entry present related to this.If present add it ti centralized exceptions.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
There aren't any popups or anything. I also see no logging for that specific device relating to blocked risks.
I think it is better to open a case with symatec for this...
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
I'd rather leave it broken then.
Would you like to reply?
Login or Register to post your comment.