We'd love to hear about it! Click here to go to the product suggestion community
how you are handling relaying with 365 EO? Until now we did use a Configuration described here: https://community.sophos.com/kb/en-us/132416Now we had a Security Issue, a Spammer used the Network Range from EOP for Relaying Mails through our Firewall :(
I did made a Test with a Demo Tenant und it took like 2 Minutes to use Routed Sophos Firewalls with an EO Connector...
Our Sophos Support (Distribution) told us we shoud create a Feature Request which seems crazy. I made a lot of research and I cannot find a way creating an authentificated Relay with EO. I assume the only possibility would be handling this with Headers but is there a possibility with a SG or XG?
I think many Partners are not aware of this issue and it seems also crazy that there is no Warning at this Knowledge Base Article..
Please post your question in XG Firewall group. Or subscribe to that group and I'll move this post there.
In reply to Jaydeep:
Thanks, just subscribed , could you please move this Post.
In reply to JonasAgius:
SG/XG uses the Host based Relay principle to decide, which sender host is allowed to use the SG/XG as a relay.
If you are using a XG/SG with a public IP (like O365), SG/XG could actually be used to send mails without verification of the Sender.
If the sender is able to use authentication, SG/XG cannot verify, if he is allowed to relay, therefore the email will be dropped.
There are couple of feature requests already open in the Ideas.sophos.com page.
The best approach to a Office365 / exchange online customer would be to use Central Email. Central Email has a direct integration to both platforms to implement this solution natively.