Hi Frederico,
Looking at the result of your ncat attempt to verify TCP connectivity I would take the connection refused literally. It appears you are unable to make a basic TCP connection to your email server on port 25. This may be due to a firewall, router or email server rule preventing the communication. Or perhaps you have the incorrect IP address. If you would like to confirm this issue by means of a packet capture from your Guardium appliance do the following
1. Login to the CLI
2. run "support store tcpdump on raw 10m 5"
This will begin capturing all network traffic for 10 minutes and max out at 5GB of data.
3. Run the "support show port open [smtp server ip] [listening port] in your example 192.168.3.95 25
Do this a couple of times.
4. When you are done run "support store tcpdump off"
5. Run the fileserver
Run "show system log" This will return the IP address of the system you are on.
6. Run "fileserver [your IP address] 3600
This will run the fileserver for 1 hour.
7. Goto
https://your.guardium.device:8445 Navigate to Logs | opt-ibm-guardium-log
Download the tcpdump.log file
8. Open the file in Wireshark and examine the activity between you and the email server
9. My guess is you will see your Guardium box send out a bunch of SYN packets followed by RST packets from some device between you and the email server or from the email server itself
Good Luck!
------------------------------
Patrick OBrien
------------------------------
Original Message:
Sent: Thu January 19, 2023 01:42 PM
From: Frederico Menge
Subject: SMTP troubleshooting
Hello guys
Currently I have been trying to configure the sending of alerts by SMTP in Guardium but without success.
The connection to the SMTP server succeeds, but the test emails never arrive. We tried by GUI and CLI via diag.
I run an ncat on port 25 and the connection was refused, I think that might have something to do with my problem.
------------------------------
Frederico Menge
------------------------------