Sophos AP/APX users may experience issues registering to Sophos Central. More info available here: Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
We want to use Sophos XG email MTA as a second filter for spam and virusscanning, because we notice that SpamExperts (spam filter we use) does not always catch everything.
So at the moment our setup is like this.
Our MX records for our domain name are set to the mx records for SpamExperts and in our Spamexperts portal our destination is set to our public IP and a certain port which are delivered to Exchange via port 25 with a Sophos firewall rule that only allows servers from spamexperts to deliver the mail.
So I tried to active MTA and setup a smtp-scanning rule using this article: https://community.sophos.com/kb/en-us/125596 I changed the auto added firewall rule to only use wan as source as I only want this for incoming mail. Disabled the rule I had for the delivery of mail directly to Exchange.
SpamExperts is not able to deliver the mail to the XG, is there something that I'm missing?
In the protected domain I filled in ourdomain.com
Edit: When running the SMTP test tool on SpamExperts I get a succesfull smtp reply from the Exchange server using my first method, but when trying the MTA method I don't even get a SMTP response. Under administration>Device Access SMTP Relay is enabled under WAN and our LAN zone
Doing a open port scan on port 25 and 587 results in a closed port, shouldn't this be open as the XG acts as a MTA?
Hi TonV The given details require a thorough investigation, I would recommend to open a support case.
Try using port 465.
Port 25 was blocked by the ISP, which I had not noticed because for the old rule I used port 2525 to 25.
ISP unblocked the port and all is working now.