Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
BillyBragg
New Contributor II

Created on ‎07-09-2024 10:33 AM

Gmail Not Sending (SMTP) Through Mac Mail App

Greetings,

My organization uses Gmail through the Mac Mail app. Incoming emails are working, but outgoing/sending is not. Below is a log of my co-worker trying to send a message. I am kind of a noob and hoping for someone who can help translate.

OR maybe I am not even looking at the right log? 

Thanks!

 

Untitled.pngUntitled2.png

Labels:
1172
0 Kudos
1 Solution
AEK
SuperUser
SuperUser
In response to BillyBragg

Created on ‎07-11-2024 08:23 AM

If I understand well you need to avoid inspecting port 587, right?

Then just add a policy above, for destination port 587, just without SSL inspection.

AEK

View solution in original post

AEK
762
13 REPLIES 13
AEK
SuperUser
SuperUser

Created on ‎07-09-2024 11:34 AM

Hi Billy

Can you post a screenshot of the "block-high-risk" application profile?

On that profile you may also try allow SMTPS app under "Application and Filter Overrides" and see if it fixed the issue.

AEK
AEK
848
BillyBragg
New Contributor II
In response to AEK

Created on ‎07-09-2024 12:58 PM

Hi AEK,

 

Thank you for your reply. I did add SMTPS under the "Application and Filter Overrides" earlier today but I still had the same issue.

Untitled3.png

836
0 Kudos
AEK
SuperUser
SuperUser

Created on ‎07-09-2024 02:28 PM

Hello Billy

On the log screenshot I see action "server reset", which means the remote mail server closed the TCP connection.

We need some more investigation, can you please run the below command from the same host and share the output?

telnet 142.250.123.109:587

 

AEK
AEK
821
BillyBragg
New Contributor II
In response to AEK

Created on ‎07-10-2024 11:09 AM

Before I do that, I wanted to update that we turned off SMTPS in SSL/SSH Inspection > Protocol Port Mapping and that fixed the issue for at least one test user. However, in order to turn off SMTPS you have to turn off "Inspect All Ports" which we're not sure what doing that opens us up to.

772
BillyBragg
New Contributor II
In response to BillyBragg

Created on ‎07-10-2024 11:16 AM

Does turning off "Inspect All Ports" literally turn off inspecting ALL ports or is it just for the ports listed below it in the GUI?

 

769
0 Kudos
AEK
SuperUser
SuperUser
In response to BillyBragg

Created on ‎07-10-2024 12:11 PM

Good finding. You may troubleshoot by turning it on again, turn on "Log SSL anomalies" in the SSL profile, redo the test, then see the SSL logs if there is some error.

By the way are you using deep inspection?

AEK
AEK
766
BillyBragg
New Contributor II

Created on ‎07-10-2024 12:17 PM

Yes sir, we are using deep inspection.

 

Also wanted to follow up on my other question, does turning off "Inspect All Ports" literally turn off inspecting ALL ports or is it just for the ports listed below it in the GUI?

 

Thank you!!

 

764
0 Kudos
AEK
SuperUser
SuperUser
In response to BillyBragg

Created on ‎07-10-2024 02:10 PM

As per my knowledge, "Inspect All Ports" will inspect ALL ports (from 1 to 0xFFFF). I think it is good practice to enable it since some apps may use other ports for SSL traffic.

AEK
AEK
738
BillyBragg
New Contributor II
In response to AEK

Created on ‎07-11-2024 08:18 AM

The problem is that I can't seem to turn off the inspect SMTPS slider without first turning off the Inspect All Ports" slider. :\

663
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.