Utilize Relay Control when using external cloud services, to control which outbound emails are permitted through the appliance, based on the IP and domain combination as well as the header name and value settings. Administrators must configure the headers in the Relay Control settings to match the headers on the external service.
When an email is received by the email appliance, the email appliance will check the header against the Relay Control specified header. Should the information in the headers not match, the email will be discarded. If all criteria are matched, the configured headers will be removed from the email and the email will be processed. The email appliance will look at the IP and domain combination and any domains linked to that IP that have not been configured are discarded.
This article describes how to setup relay control for Office 365 or other cloud email providers. The following sections are covered:
Applies to the following Sophos products and versions Sophos Email Appliance
A customer has a cloud setup for domains sophos1.com and sophos2.com with an IP address range/pool 192.168.1.0/24.
Note: For Office 365 and other cloud email providers, it is required that the connectors are already setup. Please see the Microsoft document Configure mail flow using connectors in Office 365 for setting up a connector for Office 365.
Note: Administrators will need to configure the same headers within their cloud configuration.
Looking at the example scenario, email (from the configured IP pool) will be marked as either inbound or outbound according to the following conditions.
Let us consider some scenarios. Assume, cisco.com is also hosted on the same cloud setup:
All other domains will be discarded from the same IP address pool for outbound email flow. Emails from the configured domains should contain the configured headers, otherwise they will be discarded. Configured headers are removed from the accepted email and are then processed.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.