Sophos Firewall v22 EAP is now available! Click here to learn more.

Thread Info
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP Proxy Usage in XG without Email Protection License

BrucekConvergent

So I have a customer moving from a UTM cluster to XG, and when they purchased the new XG, they said they were using Google and Microsoft (O365) for their various email domains, did not need Email protection.  The UTM cluster we are replacing does have the email protection feature licensed.

Now that we are configuring the replacement, I've found that they are using the old UTM as a simple SMTP relay for outbound email  -- with the allowed relay hosts setting controlling who can email out; all other SMTP traffic is denied.  No inbound mail is being scanned, etc. (they have a placeholder non-real domain in the inbound list).

The question I have is, as I've never had this come up... does the XG SMTP Proxy still function completely (minus the AV, Anti-Spam features) without the unit having an Email Protection license?



This thread was automatically locked due to age.
  • +1

    No it does not. MTA (Email Proxy) will not accept mails, if not licensed. So you have to configure your outbound email services to directly talk to the destination and control it via Firewall rules. 

    __________________________________________________________________________________________________________________

    • 0 in reply to LuCar Toni

      So, our local Sophos SE checked into this for me, and according to what appears to be a dev, they say it will work as long as scanning is not enabled.... if you want I can DM you the dev's name.

      CTO, Convergent Information Security Solutions, LLC

      https://www.convergesecurity.com

      Sophos Platinum Partner

      --------------------------------------

      Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

      • 0 in reply to BrucekConvergent

        And now my SE said he slightly messed up the question to the Dev.  Lucar is absolutely right (unfortunately, in my situation).

        CTO, Convergent Information Security Solutions, LLC

        https://www.convergesecurity.com

        Sophos Platinum Partner

        --------------------------------------

        Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

    • 0

      I wanted to update this Thread: SFOS allows relay with Base License. 

      https://doc.sophos.com/nsg/sophos-firewall/20.0/help/en-us/webhelp/onlinehelp/AdministratorHelp/Email/index.html 

      Sophos Firewall allows email traffic but doesn’t provide email protection without a valid Email Protection subscription.

      __________________________________________________________________________________________________________________