Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Central Email Gateway Outbound Policies and DKIM record

Dear All,

I know that Sophos Central Email Gateway is providing Inbound security But What about outbound mail securities If Sophos is configured for outbound too. How to configure any policies for outbound?

We need a DKIM signature (record).  How does Will get from Sophos Central mail Gateway.



Added tags
[edited by: Raphael Alganes at 7:54 AM (GMT -7) on 10 May 2023]
  • Outbound does not support DKIM right now. Only SPF (because it relies on the DNS record).

    https://community.sophos.com/kb/en-us/132343

    Central will simply use the same mailboxes for outbound like inbound. Is there a mailbox - Central will accept the mail outbound. 

     

    DKIM / DMARC and the other Spam checks are only supported for inbound (Central scans the inbound mails).

    Outbound should be used to keep matching MX Records etc. 

    __________________________________________________________________________________________________________________

  • Hi,

    One more question:

    I will configure an SPF record with the same value for all my domains which are configured for outgoing mail? will this value change based on a domain name?

    v=spf1 include:_spf.prod.hydra.sophos.com ~all

     

    There is no changes (per domain name based).

     

    Regards,

    Deepak Kumar

    Regards,

    Deepak Kumar

    Sophos Architect | NSE 4 | CCNP | CISE 

  • Where is the question? :) 

    __________________________________________________________________________________________________________________

  • Hi Deepak That record would be accurate as long as all of your domains are routed outbound via Sophos Central Email and you are sure that no other 3rd parties send mail from those domains on your behalf You could also narrow this down further to the specific Central region if you wanted, using the information in community.sophos.com/.../132343 Greg