
Cannot use Exchange rules to redirect messages from my Exchange to external contacts - Sophos Central Email Gateway

Hello everyone,

All our external e-mails are received/sent by the Sophos Central Email gateway, and afterwards it delivers the messages. This is working normally, as we expect. But a few days ago we started facing something strange: when we make a rule on our Exchange Server to redirect messages received from an internal client to an external contact (for example: user@internaldomain.com forward to contact@externaldomain.com), we receive a message from Sophos like this:

I will try to translate:

 

Your message was not delivered because security or safety issues. It may have been rejected by a moderator, you may only receive emails from certain senders, or another restriction prevented a delivery.
The following is an organization that rejects your message: relay-us-east-2.prod.hydra.sophos.com.

Diagnostic information for administrators:
Generating server: "our server name" Total retry attempts: 1
 
user@externaldomain.com
relay-us-east-2.prod.hydra.sophos.com
Remote Server returned '550 5.7.1 Rejected command'
 
 
 
Looks like the message goes to Sophos and Sophos rejects it. We don't know how to resolve this.
If we send a message from user@internaldomain.com to contact@externaldomain.com, the contact receives the message. If the message is from inside my organization the redirect works, if the message is from outside my organization, the redirect does not work.
 
The problem occurs only when we use rules on our Exchange.
 
Thanks.
 
Marcelo.
 


This thread was automatically locked due to age.
  • Hi Marcelo,

    We are experiencing a similar problem ever since April 1st.  Let me see if I can explain.  We are using SOPHOS email for incoming and outgoing filtering.  We have a shared mailbox (shared@ourdomain.com) on Exchange Online that is set to forward to an external contact (external@theirdomain.com).  We set this up within the Exchange administrator, NOT within the mailbox settings.  When someone internal (joe@ourdomain.com) sends an email to this shared mailbox (shared@ourdomain.com), Exchange will forward it to external@theirdomain.com and it works great.  This is how it should work and this is how it IS working.  However, the problem comes when someone from OUTSIDE of our domain sends an email to this shared mailbox.  For example, customer@gmail.com sends an email to shared@ourdomain.com.  Sophos shows the email was delivered successfully to shared@ourdomain.com, but then it disappears.  I changed the forwarding so that it would leave the forwarded messages in the shared@ourdomain.com mailbox while still attempting to forward.  That was when I discovered an NDR error message.  It's giving a Status code: 550 5.7.1 Command rejected.

    At this point I am not completely sure that it is SOPHOS that's causing it, but the error looks similar to when SOPHOS doesn't have a mailbox set up for a user and they try to send through it.  I did confirm that shared@ourdomain.com is set up.  That was when I saw this post and now I am wondering if it is SOPHOS, being that there was a recent update this week and others with SOPHOS are having a very similar issue.

    I wanted to post here so the OP and others were aware that they weren't the only ones with the issue.  I will also continue to troubleshoot and submit a ticket to SOPHOS support as well.  Hopefully there is a simple fix or workaround.

    Thanks.

  • Hello Isaac.

     

    The problem is the way that Exchange Server redirects the messages. If I check the e-mail headers, for example of an e-mail sent from GMAIL to us, the message was delivered internally and the rule to redirect does not work. After viewing the header of the returned e-mail with the "Status code: 550 5.7.1 Command rejected", the message had an SPF error: the message was from GMAIL and the IP that was trying to deliver the message was mine - Sophos E-mail Gateway "thinks" that GMAIL was trying to send e-mails from our IP. Because of this, the messages were rejected by Sophos.

    We have not found a solution for this case.

    I had to create a secondary relay and send some e-mails to this external domain through it. Our rule to redirect e-mail was only to a single domain (from x to y).

    Exchange Server 2013. With other versions we do not know if it happens.

     

    Sorry about the English.

    Marcelo.
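
Added example (not part of the original thread, and not Sophos or Exchange code): a minimal SPF evaluation that reproduces the three cases described in the posts above, where a redirect keeps the outside sender's envelope address but the connection comes from the organization's own IP. The domains, IP ranges and the reject-on-fail gateway policy are constructed assumptions, and only the `ip4`, `ip6` and `all` mechanisms are handled.

```python
import ipaddress

# Constructed SPF records using documentation address ranges, not real DNS data.
SPF_RECORDS = {
    "gmail.example": "v=spf1 ip4:198.51.100.0/24 -all",         # the outside sender's domain
    "internaldomain.example": "v=spf1 ip4:203.0.113.10 -all",   # our Exchange server's public IP
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(mail_from, client_ip):
    """Evaluate the SPF record of the envelope sender's domain against the connecting IP."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    record = SPF_RECORDS.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        name, _, value = term.lstrip("+-~?").partition(":")
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
    return "neutral"


def gateway_verdict(mail_from, client_ip):
    """Hypothetical outbound gateway policy: refuse the message when SPF fails."""
    result = spf_check(mail_from, client_ip)
    reply = "550 5.7.1 rejected" if result == "fail" else "250 accepted"
    return reply, result


EXCHANGE_IP = "203.0.113.10"  # constructed: the IP our server relays from
SCENARIOS = {
    "external sender, delivered by its own server": ("customer@gmail.example", "198.51.100.25"),
    "internal sender, redirected by Exchange": ("joe@internaldomain.example", EXCHANGE_IP),
    "external sender, redirected by Exchange": ("customer@gmail.example", EXCHANGE_IP),
}

if __name__ == "__main__":
    for label, (sender, ip) in SCENARIOS.items():
        print(f"{label}: {gateway_verdict(sender, ip)}")
```

Only the third case fails: the envelope sender still names the outside domain, whose SPF record does not list the redirecting server's IP.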

  • Marcelo Gladzik said:

    Hello Isaac.

     

    The problem is the way that Exchange Server redirects the messages. If I check the e-mail headers, for example of an e-mail sent from GMAIL to us, the message was delivered internally and the rule to redirect does not work. After viewing the header of the returned e-mail with the "Status code: 550 5.7.1 Command rejected", the message had an SPF error: the message was from GMAIL and the IP that was trying to deliver the message was mine - Sophos E-mail Gateway "thinks" that GMAIL was trying to send e-mails from our IP. Because of this, the messages were rejected by Sophos.

    We have not found a solution for this case.

    I had to create a secondary relay and send some e-mails to this external domain through it. Our rule to redirect e-mail was only to a single domain (from x to y).

    Exchange Server 2013. With other versions we do not know if it happens.

     

    Sorry about the English.

    Marcelo.

     

     

    Hi Marcelo,

     

    Can you let me know how you routed those specific emails through the secondary relay?

     

    I'm having the same exact issue with no help from the support.

     

    Thanks.
