Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Exchange Online Relaying

Hey Guys,

how you are handling relaying with 365 EO? Until now we did use a Configuration described here: https://community.sophos.com/kb/en-us/132416Now we had a Security Issue, a Spammer used the Network Range from EOP for Relaying Mails through our Firewall :( 

I did made a Test with a Demo Tenant und it took like 2 Minutes to use Routed Sophos Firewalls with an EO Connector...

Our Sophos Support (Distribution) told us we shoud create a Feature Request which seems crazy. I made a lot of research and I cannot find a way creating an authentificated Relay with EO. I assume the only possibility would be handling this with Headers but is there a possibility with a SG or XG?

I think many Partners are not aware of this issue and it seems also crazy that there is no Warning at this Knowledge Base Article..

Regards,

Jonas

 

 



This thread was automatically locked due to age.
Parents Reply
  • SG/XG uses the Host based Relay principle to decide, which sender host is allowed to use the SG/XG as a relay. 

    If you are using a XG/SG with a public IP (like O365), SG/XG could actually be used to send mails without verification of the Sender. 

    If the sender is able to use authentication, SG/XG cannot verify, if he is allowed to relay, therefore the email will be dropped. 

    There are couple of feature requests already open in the Ideas.sophos.com page. 

     

    The best approach to a Office365 / exchange online customer would be to use Central Email. Central Email has a direct integration to both platforms to implement this solution natively. 

    https://www.sophos.com/en-us/solutions/initiatives/office-365.aspx

     

     

    __________________________________________________________________________________________________________________

Children
No Data