Allowing emails from corporate website

Question

Our Sophos UTM is setup to block all external emails from "ourdomain.com" (sender blacklist, *@ourdoman.com) in order to block any spoofing attempts. This is now causing a problem as we have an external website that needs to send emails to our internal users from "website@ourdomain.com". Is there any way to allow emails from the website address which is sent via our hosting providers relay whilst still blocking other potential spoof emails? Thanks in advance.

This thread was automatically locked due to age.

sachingurung · Accepted Answer

This is a known bug but, I thought this was resolved in 9.4. When a global domain is listed in the Sender Blacklist then the exception will not take priority for an individual Email address, you will need to individually add specific Email addresses in the blacklist option. 
 I did an internal check and discovered it as a pending feature request. Please cast your vote on the existing feature request here . 
 Thanks

BAlfson · Answer

Hi, Edward, and welcome to the UTM Community! 
 I agree that the idea to which Sachin linked is a desirable one. In this case, your problem can be solved by a trick. Since DNATs are considered before Proxies (see #2 in Rulz ), just make a NAT rule that bypasses the SMTP Proxy for traffic from your website 
 DNAT : {DNS Host/Group for your website} -> SMTP -> External (Address) : change to {mail server} 
 If your MX record points to an Additional Address instead of the primary one on the External interface, use that in the rule. 
 Cheers - Bob