

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Hi,
I have new SMTP server which uses port TCP 587 but after i have tested something on Logger, it's not successful yet
This is what i tested
Logger - 6.5.1
I tried to configure it on System Admin and Reports tab but it
on System Admin -> System -> SMTP, i couldn't put xxx.xxx.xxx.xxx:587 in a Primary SMTP Server nor Backup SMTP Server
on Reports -> Administration -> Report Configuration, i could put xxx.xxx.xxx.xxx:587 on SMTP Server but however, i got the error 35015 while trying to send a report out
"Couldn't e-mail report due to one of the following reasons:- Error in connecting to mail server- Email size too large- Invalid SMTP credentials"
As i saw Invalid SMTP credentials, does it mean that i have to configure the authentication username/password somewhere on of Logger? and which file and syntax should i put into?
ArcMC 2.7.0
For ArcMC, i have tried to configure it on Administration -> System -> SMTP but couldn't put a specific port into it either
ESM 6.11.0
I have not tried it yet but If anyone knows how to do it, please let me know
Accepted Solutions

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Hello,
from the ESM perspective, because I have experience with this product, is using only two ports to send SMTP notification:
- TLS 995 default configuration starting with ESM 6.9.1;
- port 25 if adding the following line into server.properties. " email.tls.desired=false" .
At this moment configuring the external SMTP server, it allows you to introduce only the address/hostname and not the port.
Since you cannot configure the port for the SMTP you can play with the following workarounds like :
- install an SMTP relay on the same server where ArcSight ESM it's installed, configure the ESM solution to send the notification on local port 25 and from the SMTP relay, you can configure the destination port.
- playing with iptables rules installed on ESM Linux box to forward the request that comes on 25 / 995 to other destination ports.
Best Regards,
Daniel

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Hello,
from the ESM perspective, because I have experience with this product, is using only two ports to send SMTP notification:
- TLS 995 default configuration starting with ESM 6.9.1;
- port 25 if adding the following line into server.properties. " email.tls.desired=false" .
At this moment configuring the external SMTP server, it allows you to introduce only the address/hostname and not the port.
Since you cannot configure the port for the SMTP you can play with the following workarounds like :
- install an SMTP relay on the same server where ArcSight ESM it's installed, configure the ESM solution to send the notification on local port 25 and from the SMTP relay, you can configure the destination port.
- playing with iptables rules installed on ESM Linux box to forward the request that comes on 25 / 995 to other destination ports.
Best Regards,
Daniel


- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
Thank you Daniel. I will try those workarounds