Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New User: Setup email Gateway

I'm brand new to this so please bear with me. I'm setting up the Email gateway to deliver mail to my exchange server.  I need someone to confirm that I'm doing this right before I implement it.

1) when I setup the "domain settings" in Sophos Central, and I enter my domain / "Edit Domain" screen.  Is "inbound destination" setting supposed to be my Email server? 

if I did "Inbound and Outbound" What would outbound destination be for? 

2) Then my understanding is to change the MX record to point to the Sophos Central. 

3) then I should update my exchange server to only accept emails coming from Sophos Central.

Is that what I am supposed to do?  I think I'm trying to make sure that "Inbound" means into my exchange server.  and to define "Outbound".

Thanks

Scott



Added tags
[edited by: Raphael Alganes at 1:23 AM (GMT -7) on 8 Jun 2023]
  • Hello Scott,

    Thank you for contacting the Sophos Community!

    1) The Inbound destination, is meant to be where the emails that are received by Central will be sent to, in this case when it asks you for the IP/FQDN you would need to put the Public IP of the router that will pass this emails down to your email server.

     If you selected Outbound Gateway, and selected Custom Gateway, then in the IP/CIDR you will put the IPs where central should be expecting emails coming from you, in this case your Public IP(s).

    2) Yes, you also need to change your Public MX records to point to Sophos Central. 

    3)  This step is optional but highly recommended to increase the security and effectiveness of the product, as this way only your Exchange will be accepting emails from Sophos Central IPs, otherwise, people could telnet directly into your Exchange and bypass Central. 

    For example in my case, my Public IP is 216.232.x.x so I configured this for Inbound and Outbound, Inbound to send this down to my router, which will pass it down to my Exchange, (I also created a Firewall rule to only accept connections on Port 25 for Sophos Central IPs) and Outbound telling central to only receive email coming from me outbound from 216.232.x.x.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • Thank you.  this really clarified a bunch of questions for me.  and it worked! I now have mail flowing in from Sophos and going out to Sophos