Category Archives: Uncategorized
If you’re observing errors on your Zimbra servers’ mail-log similar to the one below, and your users are reporting password prompts on ‘sending’ e-mails.
Nov 24 17:12:07 areto postfix/smtpd: warning: SASL authentication failure: cannot connect to saslauthd server: Connection refused
Run the following commands under your servers root user.
ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd
After Zimbra finishes restarting all the services, get your users to re-try sending mail.
Occasionally, I’ve found interfaces on the Sophos XG firewall that won’t or can’t be removed. (Sometimes the name shows blank, with nothing in it)
DISCLAIMER – THE STEPS BELOW WILL LIKELY VOID YOUR WARRANTY. USE AT YOUR OWN DISCRETION.
#1 – SSH into the appliance with the admin user
#2 – Select Option 5 “Device Management”
#3 – Select Option 3 “Advanced Shell”
#4 – Look at the configured interfaces in the Database, identify the one you want to remove. (In this example, we’ll select )
psql -U nobody -d corporate -c "select * from tblinterface;"
#5 – Delete the affected/faulty Interface. In this example, we remove
psql -U nobody -d corporate -c "delete from tblinterface where interface='PortG.1046'; "
#6 – Navigate back to the Web UI, your interface should be successfully removed.
I have noticed that Sophos 16 seems to have a problem with the way it’s captive portal works. If enabled (firewall policy set to drop), it seems to generate excessive amounts of traffic over my links to the remote branches.
Screenshot below shows the traffic when captive portal is enabled, and you can see the massive drop after disabling it. (The blue line reflects the traffic being sent TO the branches, over the WAN)
As an interim solution, I have done the following
- Creating an external ‘landing page’ and a firewall policy matching unauthenticated traffic destined to it with the action set to DROP. (Displays the portal)
- Set the action on all other unauthenticated traffic to REJECT, thus eliminating the excessive traffic
Curious if anyone else has encountered this problem. If so, hit me up on mail or in the comments. This issue could likely affect previous versions as well.