Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central Email Gateway Outbound Not Working

Hello Everyone:

I'll try to explain as much as I could on what is our problem with Sophos Central Email Gateway.  We just recently subscribed to Cloud-Based Sophos Email Gateway.  Here is what we are trying to do:

Inbound Email = WORKING GREAT:

Internet Email Sender > Sophos Central Email Gateway > SF XG310 > Exchange 2010

Outbound Email = NOT WORKING:

Exchange 2010 > SF XG310 > Sophos Central > Internet Recipient

ERROR Received:

Delivery has failed to these recipients or groups:

user@externalemaildomain.com
Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.

The following organization rejected your message: relay-us-west-2.prod.hydra.sophos.com.

Diagnostic information for administrators:

Generating server: OUREXCHANGE2010SERVER.ourdomain.com

user@externalemaildomain.com
relay-us-west-2.prod.hydra.sophos.com #550 5.7.1 Command rejected ##

 

Here's our configuration.

Sophos Central Email Gateway:

Uses AD Sync

Domain > Inbound Only > Inbound Destination > Mail Host > External IP Address of our Mail Host with Port 25

GoDaddy MX Record:

mx-01-us-west-2.prod.hydra.sophos.com

mx-02-us-west-2.prod.hydra.sophos.com

 
Exchange 2010 Smarthost:  
relay-us-west-2.prod.hydra.sophos.com

SF XG 310:

MTA Legacy Mode

Inbound Business Rule:

WAN - Sophos Delivery IPs (52.41.236.76 and 50.112.39.248)

Destination - External Exchange 2010 IP Address

Services - SMTP(S)

Protected Server - Internal Exchange 2010 IP Address

Protected Zone: LAN

 

SF XG 310:

Outbound Rule:

Source - LAN - Internal Exchange 2010 Internal IP Address

Destination Zone - WAN - Sophos Delivery IPs (52.41.236.76 and 50.112.39.248)

Services - SMTP(S)

What are we missing?

Thank you in advance for all your help.

Baldwin



Added tags
[edited by: Raphael Alganes at 9:21 AM (GMT -7) on 11 May 2023]
Parents Reply Children
No Data