Link to home
Start Free TrialLog in
Avatar of Hello There
Hello There

asked on

Kaspersky blocks Outlook

Hello everybody who wants to help me.

I have a bigger issue with my VPN client and Outlook running on one of them.
Let me describe it. And please, be patient.

Well, I have a computer connected to my company network via VPN. Few days ago I got a report that Outlook does not receive any emails. They were able to access the mail only using browsers but not via MS Outlook. It was weird because I did not do any changes within my VPN computers.

Settings for this PC: The connection to the Internet is disabled for all by Kaspersky Endpoint Security for Windows 10 (managed by Kaspersky Security Center from DC), except webmail and a few webpages needed for the work.

So I took this PC to my office for testing (now it was connected to local network).
1. Reinstallation of the KES didn't solve it.
2. When I turned off Kaspersky Endpoint Security, PC gains full access to the Internet (because the Kaspersky policy became inactive) and everything was OK and Outlook ran. But we need the Kaspersky working so this is not a solution.
3. When the all policies were on I was able to access the mail via name of the server in browser (mail-server/) but not via IP address of the server (all pings were successfull and I could log in via server name) - also weird. Outlook didn't work.
4. I also noticed that if I use the name of mail server, it automatically switched into insecure http page and I could log in to the mail but if I used an IP address, it switched into secure https mode and I was unable to login to the mail.
Considering this I denied the 443 port in Kaspersky and surprisingly the Outlook, mail via IP and mail via server name were all working.
So I put the PC to the remote location via VPN and guess what happened! Nothing because it wasn't working (the port 443 was denied). I was able to get into the mail only via an IP in browser again but not via Outlook.

So I took a spare PC and tried the same thing with the same settings and the result was ... exactly the same. So it is not an issue of the specific computer.

I think it is an Kaspersky issue. I've found several articles with this problem but with no real solution.

Could you please help me with this problem?

Well, there is one thing you should know. Windows GPO doesn't apply via VPN (I am solving this in another article). But there shouldn't be a real problem because it contains only password policy and this: see the attachment.

But I am not really sure if the Kaspersky applies its policy. Then the problem could be there.

 User generated image
Avatar of Tahir Qureshi
Tahir Qureshi
Flag of Australia image

As per you description it is Kespersky issue

have you add the outlook application to trusted zone
try adding both port plus port as well

there is anarticale describe how to add into trusted zone
Avatar of Hello There
Hello There


It's been working for months, maybe years. Outlook is included in Trusted applications.
1. go to outlook add-in options.
2. in the add-in options ---go to email protection tab. protection tab- go to settings
4. select the mail scan options(  1.Scan upon receiving. 2.Scan when read.3.     Scan upon sending.) ok and then check.

Should I do this with my current settings? (Port 443 disabled so I could get there)
Yes.. check in one system which is having this issue.
pls let us know which version of outlook client you are using.
Version: Outlook2010 14.0.7128.5000 32-bit

So I used working settings and got into Outlook settings. Only Scan when read was unchecked so I checked it and switched it into non-working environment. Still the same problem. If I type an IP address (instead of the server name) it says: see the attachment. Outlook has the same problem (Outlook icon is red and says: Kerio Outlook Connector Offline). Only server name works.

I also tried to disable the Mail-Antivirus but with no results.

User generated image
What changed at the time it stopped working?
Nothing if you're asking if I did any network, VPN changes etc.

I know that something caused this but I cannot realise any changes related to this.
I was thinking more along the lines of server changes or software changes. Sometimes even a simple upgrade will be at the root of problems.

What version of Kaspersky? I think there is a place you have to specify that a secure connection is being made to the mail server.
Avatar of Hello There
Hello There

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
This sounds like you're overcomplicating things. Why not only have configured? Then it would be your call on whether to use split DNS on the network (that way it can resolve to an internal IP when in the office, and to the external when not in the office).
Maybe you're right but we are using this solution. I asked this question to find solution for this issue because that computer worked fine before but it doesn't do now and I'd like to know why.

To the changes... I actually realize that my colleague was extending the range of IP addresses it that time.
Any other solutions?
Hi, you just need to add the on the trusted list in webfilter options.

> Policys on KSC10
> Edit
> Endpoint Control
> Web Control
ADD > new policy Outlook > Edit

name > any
filter content >  any content
a´´pply to addresses > to individual addresses

ADD this:***

Action > Allow
Schedule > always

Save this, and wait replication on all endpoints.

But i really don't understand why the Kaspersky made this atualization to stop work the outlook.