Netgate Discussion Forum

    Mails (O365) does not work with the below rule

    slkamath

      Hi Everyone,

      Hope you & your family are safe in the current situation. Stay safe. Take Care.

      I have created department-wise aliases. I have also created a few port aliases. I have attached the pictures for your information.

      If I give access to all ports, mail (Office 365) works; otherwise mail does not work in the Thunderbird mail client. Fortunately, Internet is working fine in the Firefox browser.

      My Configurations:
      1.png
      Rule:
      Pass - TCP/UDP - Source - Single host or alias - (Finance) - Destination - Any - Destination Port Range - Others (Allow_TCP) alias (Ports are 587, 993, 995)
      2.png
      3.png
      With this rule mails are not working.

      What might be the reason this rule is not working? Have I done anything wrong here?

      Can anyone help me to resolve this issue?

      Thanks in advance.

      Lokesh Kamath

        johnpoz LAYER 8 Global Moderator @slkamath

        And what protocol is Thunderbird using to access the mail? If IMAP, for example, I do not see port 143; you have secure IMAP, 993.

        Are you not logging blocks? You should be able to see any blocks that might happen when Thunderbird tries to get mail.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07 | Lab VMs 2.8, 25.07

          slkamath @johnpoz

          @johnpoz Thank you so much for your reply.

          We are using Port POP - 995 & Port SMTP - 587.

          We are getting a message stating that Thunderbird is unable to log in. If I give full access, then it works.

            KOM @slkamath

            @slkamath So then do what John told you: look in your log to see exactly what is being blocked.

              slkamath @KOM

              @kom Ok. Thank you. I will check. If I have any doubts I will ping again.

              Once again thanks for your valuable support @johnpoz @KOM

                JKnott @slkamath

                @slkamath said in Mails (O365) does not work with the below rule:

                We are using Port POP

                If you have multiple devices, you probably want to use imap or imaps. This will allow all devices to see all messages and not worry about which one an email was sent from.

                PfSense running on Qotom mini PC
                i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                UniFi AC-Lite access point

                I haven't lost my mind. It's around here...somewhere...

                  slkamath @JKnott

                  @jknott Ok. Thanks for your reply.

                  Many users use IMAP, but we have set a few users as POP3.

                    johnpoz LAYER 8 Global Moderator @slkamath

                    And what are your imap settings in thunderbird?

                    Something like this

                    likethis.png

                    Just the first setup I found for thunderbird and office365

                    I have not used thunderbird for YEARS!!!

                      slkamath @johnpoz

                      @johnpoz Thank you.

                      Thunderbird Mail Setting.

                      IMAP - 993 - outlook.office365.com - SSL/TLS
                      SMTP - 587 - smtp.office365.com - STARTTLS
                      POP - 995 - outlook.office365.com - SSL/TLS

                      I recently set up pfBlockerNG and a rule in the firewall; from that time onwards it is not working.

                      Firewall Rule:
                      5.png

                      I disabled this rule, then it is working.

                      Is there anything I have to change for this rule to work?

                        ahking19 @slkamath

                        @slkamath Which rule did you disable? The allow DNS rule or the block DNS rule?

                        Looking at the rule traffic they are both 0/0 B so no traffic is hitting those rules.

                        192.168.3.3 is your local DNS server and it is running and is what is handed out to DHCP clients. If DNS was the problem you would be seeing more problems than just Thunderbird email access.

                          johnpoz LAYER 8 Global Moderator @ahking19

                          Showing us snips of rules doesn't help us help you. Rules are evaluated top down, first rule to trigger wins, no other rules are evaluated. With seeing the full rule list and understanding rules with aliases and say this 192.168.3.3 is another VLAN running some DNS - like Pi-hole or something.

                          It is pretty much impossible to help you. Creating a pfBlocker rule - that is what is in the floating tab. Yeah, that for sure could be blocking where you're trying to go, etc.

                            slkamath @ahking19

                            @ahking19 Thanks for your reply.

                            Only problem is thunderbird. Internet is working fine in all the clients.

                              slkamath @johnpoz

                              @johnpoz Thank you so much for your reply.

                              192.168.3.3 is pfsense IP. I am attaching firewall rules pic to understand better.

                              LAN Rules:

                              6.png

                              I have created an alias for each department. Those have mail access only; for them only the mail ports are allowed (587, 993, 995). Here the 192.168.3.3 DNS rule is disabled. With this rule no one can access mail.

                              8.png

                              Others I have given access to all ports.

                              9.png

                              In the DHCP settings, apart from 192.168.3.3 I have not mentioned any other DNS.

                              10.png

                              Floating Rules:

                              7.png

                              Now no one is accessing so in firewall LAN Rules it shows 0/0B.

                                ahking19 @slkamath

                                @slkamath

                                I'm not sure I understand what the separate rules for departments are for. Currently all departments have the same access permissions set - IPv4 TCP/UDP Any Any. If you want to treat departments differently look at creating VLANs for each.

                                What IP(s) or network(s) does alias "Allow_Browsing_Servers" contain?

                                This is the only rule that traffic is hitting. Rules are evaluated top down, first match wins. For example, Directors and MD traffic will never hit your rule with "MailPorts". They have already been granted access to anywhere in the rule above.

                                What IP(s) or network(s) does alias "MailIP" contain?

                                Are you using static IPs for all the client workstations? Your DHCP scope only has 3 addresses in it.

                                johnpozJ 1 Reply Last reply Reply Quote 0
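
An added example, not part of any post in this thread: a small Python model of the top-down, first-match evaluation described above, with a pfBlockerNG-style floating rule modelled as a quick block rule checked before the LAN rules (an assumption). Alias contents, addresses and rule names are constructed, since the real ones appear only in the screenshots.

```python
from ipaddress import ip_address, ip_network

# Constructed alias contents (the thread shows the real ones only as images).
ALIASES = {
    "Directors": ["192.168.3.10"],
    "Finance": ["192.168.3.20"],
    "MailPorts": [587, 993, 995],
    "pfB_Blocklist": ["203.0.113.0/24"],
}

# Rule tuple: (name, action, source alias, destination alias, port alias).
# None means "any". Floating rules are assumed quick and evaluated first.
FLOATING = [("pfB block", "block", None, "pfB_Blocklist", None)]
LAN = [
    ("Directors any", "pass", "Directors", None, None),
    ("Directors mail", "pass", "Directors", None, "MailPorts"),
    ("Finance mail", "pass", "Finance", None, "MailPorts"),
]

def in_alias(addr, alias):
    """True if addr falls in any host or network listed under the alias."""
    return alias is None or any(
        ip_address(addr) in ip_network(net) for net in ALIASES[alias])

def evaluate(src, dst, port):
    """Return (rule name, action) of the first matching rule, else default deny."""
    for name, action, s, d, p in FLOATING + LAN:
        if in_alias(src, s) and in_alias(dst, d) and (p is None or port in ALIASES[p]):
            return name, action
    return "default deny", "block"

def shadowed(rules):
    """Names of rules that can never match: an earlier rule with the same
    (or any) source already accepts every destination and port."""
    out = []
    for i, (name, _, s, _d, _p) in enumerate(rules):
        if any(s0 in (None, s) and d0 is None and p0 is None
               for _, _, s0, d0, p0 in rules[:i]):
            out.append(name)
    return out

if __name__ == "__main__":
    for flow in [("192.168.3.20", "198.51.100.7", 993),   # Finance, IMAPS
                 ("192.168.3.20", "198.51.100.7", 143),   # Finance, plain IMAP
                 ("192.168.3.10", "198.51.100.7", 993),   # Directors, IMAPS
                 ("192.168.3.20", "203.0.113.5", 993)]:   # Finance, blocklisted dst
        print(flow, "->", evaluate(*flow))
    print("never hit:", shadowed(LAN))
```

A rule showing 0/0 B in the GUI corresponds to a rule this model never returns for the traffic actually sent, either because an earlier rule matched first or because no such traffic occurred.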
                                  johnpoz LAYER 8 Global Moderator @ahking19

                                  He also has pfBlocker floating rules that could very well be blocking. And he still hasn't shown what he is using for auth. From what I'm reading, you have to be using oauthv2, etc.

                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.